Social engineering

Cybercrime and hacking: frequently in the news. For most people, the immediate association is with a technical scenario, allowing perpetrators to get away with sensitive information. However, that is only part of the story. Ultimately, the human factor is the weakest link in IT security. More and more, attackers aim for organisations using employees or other individuals. The techniques they use to do this are known as social engineering. Rather than compromise your systems, the attacker compromises your people.

Assessing your weakest links

To gain insight into the weakest link in your IT security, Secura can conduct a social engineering investigation. This test reveals information about the level of awareness of this issue in your organisation. Our consultants use scenarios comparable to the tactics a real attacker might employ. This allows you to see (in a trusted and safe environment) how your organisation reacts to this kind of breach.

Scenarios we might use in your organisation include:

  • phishing for credentials of systems;
  • acquiring access to office systems;
  • installing malware onto your network via email;
  • phone survey of your staff to investigate how far they will go in supplying information;
  • leaving behind spyware/mal(hard)ware after an arranged visit

We will record the outcomes of the penetration test in a clear report with a concise management summary, a description of the events that occurred and an overall conclusion. Secura will always work discreetly in this. The anonymity of those involved and other identifiable points is guaranteed.

 

@Secura 2017
Webdesign Studio HB / webdevelopment Medusa