PRESS RELEASE

New York, NY. - December 15, 2009 - Intrepidus Group, a leading provider of information security services and software, today announced that it has achieved significant growth and company milestones during 2009. The company's PhishMe real-time user awareness training solution has become the clear choice for large enterprise customers worldwide as the de facto standard in protection against targeted phishing attacks. The company has helped organizations around the world prevent damage, theft and loss caused by spear phishing attacks by training more than 750,000 individuals and slashing risks of future compromises by as much as 90 percent.

Spear phishing attacks are on the rise. Two of the Web's most popular social networks, Facebook and Twitter, were hit with phishing scams earlier this year. The FBI has recently warned that law firms and public relations agencies are being increasingly targeted by phishing schemes. Phishing attacks can be so realistic that they nearly drove the director of the FBI Robert S. Mueller, an official whose job is to protect others from the risk of cyber crime, to self reportedly almost fall victim to a phishing attempt.

To combat this growing cyber crime, Intrepidus Group created PhishMe, an employee education awareness solution that develops a human firewall against targeted phishing attacks. The solution has been so successful; Intrepidus Group has seen a 983% increase in the number of employees it has trained, year over year. Federal Agencies and Fortune 1000 companies alike across multiple vertical market sectors including financial services, healthcare and defense contracting have chosen to protect their employees using PhishMe.

"We are humbled by our rapid growth and proud to play such an increasing role in the protection of today's individual worker in both the public and private sector," said Rohyt Belani, CEO of Intrepidus Group. "We firmly believe that the best protection against phishing attacks is a human defense and through methodical, real-time, interactive training and education, organizations can protect their critical data and employees by empowering them to detect and resist the unauthorized access to sensitive data."

In addition to rapid customer growth and the expanding number of PhishMe-trained knowledge workers, Intrepidus Group has also achieved the following key milestones during 2009: . Expanded product portfolio with the launch of PhishMe Malware Edition to train users against spear phishing attacks that involve emails that emulate the threat of malicious file attachments . PhishMe was selected by the United States Military Academy, the United States Air Force Academy, the United States Naval Academy, and the United States Coast Guard Academy to train 22,000 cadets to thwart spear phishing attacks . Intrepidus Group researcher, Mike Zusman, uncovered a web browser flaw in rendering EV SSL protected pages which can facilitate silent man-in-the-middle attacks . PhishMe' won the Info Security Product Guide's Global Product Excellence and Tomorrow's Technology Today awards in the Anti-Phishing Education category . BrandProtect, the leader in Reputation Management, signed on to deliver real-time phishing awareness training services based on PhishMe . Intrepidus Group CEO, Rohyt Belani, was appointed to GTRA's Industry Advisory Board to advise key government information security executives on the latest threats and mitigation strategies. . PhishMe became a sponsoring member of the Anti-Phishing Working Group

"We are looking forward to another high-growth year in 2010," added Belani. "Our goal is to continue to rapidly educate today's workers so that we can raise the bar in this fight against phishers."

About PhishMe PhishMe is a software-as-a-service (SaaS) solution designed to help prevent damage, theft and loss caused by targeted (spear) phishing attacks. PhishMe facilitates and automates the execution of mock phishing exercises against employees, provides clear and accurate reporting on user behavior, and most importantly provides instant, targeted employee training. This method of delivering training materials is recommended by SANS and found to be most effective by researchers at Carnegie Mellon University.

About Intrepidus Intrepidus Group is a leading provider of information security consulting services and software solutions. With offices in New York City, the Washington DC metro area, and Boston the company offers innovative solutions to help clients build employee awareness around common information security issues. Intrepidus Group's consultants also conduct hands-on assessments of critical applications, networks and products to uncover vulnerabilities, and provide strategic and tactical recommendations to address identified issues.