Social Engineering Testing
Some figures suggest that 80% of all data loss is a result of those most trusted assets, the staff who sit on an office chair, the contractors, cleaners, security guards and other people who are regarded as being trustable.
Although, there are of course going to be those members who wantonly attempt to circumnavigate security systems in order to steal information or corrupt business processes, Data loss is often the result of unintended actions, but either way, management need to know about it. Likewise it can be a useful barometer to determine the effectiveness of training or implantation of new security controls.
Tailored Social Engineering campaigns give you visibility into the reality of what is actually happening in the business: how many people ARE clicking on those links that they’re not supposed to, but you’ve been getting away with it? How many people DO hold open the door for unknown visitors? How many people ARE prepared to divulge more on the telephone than you assume they will?
Campaigns can be built around one-off posture tests or on-going testing. The tests are tailored to suit your exact requirements and can be as simple or as complex as is required. To that end, they can be a lot more affordable than you might expect, even for a small business.
Even more important than testing, is training. It is unfair to ask staff to be diligent in their awareness of the various forms of social engineering if they have never been trained properly on what to look out for. There are plenty of online courses to help with some of this, and they certainly can be the cheapest option, but if you really want the exercise to do more than tick a box, then there is no equivalent to having somebody who knows what they are talking about stood right in front of them.
We offer training services both on-site, at our own offices and at a conference suite close to your office. Our focus is very much on ensuring that your staff go home KNOWING what to look for.