SOCIAL.ENGINEERING ASSESSMENT

Social engineering exercises identify the level of security in the single asset a bigger IT budget can’t help. The human.

Hundreds of billions of emails are sent every day. Almost certainly at some point you’ve received one of them, often spam, trying to entice you to act on it’s content. Similarly, phone calls are placed under various guises, sometimes strengthened by prior research in order to shroud the target in a false sense of security before trying to incite information from them.

Whatever the technique, should the attack be successful it could potentially result in the downloading of malware for further compromise, or the theft of personal data, money or intellectual property. You may have embedded a culture of cyber awareness into your employees and you may even have some confidence in your program, but how can this be effectively tested?

Our Approach

We can offer a realistic attack simulation using methods employed by the bad guys. The engagement is based around your needs and can utilise malicious email campaigns (phishing) and/or malicious phone calls (vishing), all of which will be customised to your environment.

These engagements can be as simple as sending a blanket email to a number of employees and monitoring the interaction rate, or by focusing on specific targets or user groups, attempting to deploy payloads that might allow us to access internal resources.

Regardless of the details, you will receive a detailed report with useful statistics that will evidence the level of employee awareness as well as how effective technical boundary controls are.

For further information on the engagement specifics, please contact one of the in.security technical team.

 

Why choose a Social Engineering assessment?

  • A great way to test the technical capability of your organisation’s boundary controls
  • Can be used to test the effectiveness of your security awareness training program
  • We recommended that this service is combined with our in.security Awareness Course to ensure maximum effectiveness