With the rapid development of the internet, the issue of cyber security is becoming increasingly important. Today public and private sector organisations are confronted with numerous cyber-attacks and the problems they bring. In this thesis, we focus on the importance of protecting classified and personal data in the public sector, in addition to the underlying technologies and cyber security. More specifically, the thesis covers a more detailed analysis of phishing attacks, where an attacker uses different techniques to convince the victim of the legitimacy of a message and thereby gain access to data or computer equipment. The main objectives of the thesis are to understand and analyse cyber security, cyber-attacks and possible defences as discussed in the literature, and to develop and understand how phishing attack software works. The software was developed using the MEAN technology stack, which contains technologies such as MongoDB, ExpressJS, Angular and NodeJS. We have found that the key element of security and keeping an organization safe is the human factor and therefore cyber security education is a key to keeping an organisation safe from cyber threats. We also learned that phishing attacks are technically less challenging than some other types of cyber-attacks but just as effective. With the increasing use and accessibility of the internet, the potential for such attacks is increasing. We have also used this knowledge to create an educational video that presents some of the main types of attacks and how to defend against them. Through software development, research, and based on the literature, we have illustrated and described cyber security problems that raise new research questions for the future.