Protect Your People and Your Business from Malicious Attacks
Cyber criminals are constantly looking to exploit the weakest link in the chain. And with social engineering it’s your staff they’re targeting, looking to abusing their trust and willingness to help, in order to gain access to sensitive information. Using a variety of media – including email, phone, and by physically visiting your premises – these attackers intentionally target the human element in an organization, as it’s often easier to trick an employee than to exploit a network.
Mitiget helps you build security awareness into your organization, and make it part of your culture. We create threat campaigns that are specifically designed to target your staff. The goal can be to gather anonymous statistics (i.e. how many people clicked a link), or to discover who would enter their password into the site after clicking the link. This will indicate the level of knowledge and how-to best address this going forward.
We also run online and on-premise security awareness training, to embed an awareness of how your company may be targeted through social engineering, and to help you mitigate the risks associated.
Education is the most credible solution for social engineering. Anti-social engineering training is one of the best, most essential defenses against social engineering. The training must include examples of the most common types of social engineering and how potential victims can spot the signs of illegitimacy.
All computer users need to be taught about social engineering tactics. People buying and selling goods on the Internet need to be educated about purchase scams. They should only use legitimate escrow services and follow all the web site’s recommendations for an untainted transaction.
Email-Based Phishing Campaign
We adopt phishing emails, and their more targeted counterpart, ‘spear phishing’ to test the vulnerable employees.
Telephone Social Engineering
Over the phone, we try to convince your employees that we are genuine, so that they disclose information. Human brains are designed to trust and help people, and it’s that nature that is being exploited to see those that will fall prey to the trick so that more awareness will be executed for them.
Physical Site Assessment
The most direct approach used by criminals is to walk into your premises and convince your staff that they should be there. Once inside, their aim is to connect to networks or focus on other targets. We also adopt this approach to identify weak links for strengthening.
Open Source Intelligence (OSINT) Gathering
key to the above scenarios is the gleaning of information about your staff from the internet. All this personal data helps to craft the scenarios used to assess and overcome staff. Social media will be a good place for us to present familiar scenarios to see those that will fall for the trick.
Information Security Awareness
Cyber-security Training Courses
Secure Records Management Training Courses
IT and Service Management Training Courses
Risk Management Training Courses