+234 909 552 2003       info@mitiget.com

Social Engineering Assessments

Protection Starts With Your People

Mitiget Is The Game Changer Here...

Protect Your People and Your Business from Malicious Attacks

Cyber criminals are constantly looking to exploit the weakest link in the chain. And with social engineering it’s your staff they’re targeting, looking to abusing their trust and willingness to help, in order to gain access to sensitive information. Using a variety of media – including email, phone, and by physically visiting your premises – these attackers intentionally target the human element in an organization, as it’s often easier to trick an employee than to exploit a network.

Mitiget helps you build security awareness into your organization, and make it part of your culture. We create threat campaigns that are specifically designed to target your staff. The goal can be to gather anonymous statistics (i.e. how many people clicked a link), or to discover who would enter their password into the site after clicking the link. This will indicate the level of knowledge and how-to best address this going forward.

We also run online and on-premise security awareness training, to embed an awareness of how your company may be targeted through social engineering, and to help you mitigate the risks associated.

Defenses Against Social Engineering

Education is the most credible solution for social engineering. Anti-social engineering training is one of the best, most essential defenses against social engineering. The training must include examples of the most common types of social engineering and how potential victims can spot the signs of illegitimacy.

All computer users need to be taught about social engineering tactics. People buying and selling goods on the Internet need to be educated about purchase scams. They should only use legitimate escrow services and follow all the web site’s recommendations for an untainted transaction.

What We Test for Your Organization

Email-Based Phishing Campaign

We adopt phishing emails, and their more targeted counterpart, ‘spear phishing’ to test the vulnerable employees.

Telephone Social Engineering

Over the phone, we try to convince your employees that we are genuine, so that they disclose information. Human brains are designed to trust and help people, and it’s that nature that is being exploited to see those that will fall prey to the trick so that more awareness will be executed for them.

Physical Site Assessment

The most direct approach used by criminals is to walk into your premises and convince your staff that they should be there. Once inside, their aim is to connect to networks or focus on other targets. We also adopt this approach to identify weak links for strengthening.

Open Source Intelligence (OSINT) Gathering

key to the above scenarios is the gleaning of information about your staff from the internet. All this personal data helps to craft the scenarios used to assess and overcome staff. Social media will be a good place for us to present familiar scenarios to see those that will fall for the trick.

Cybersecurity Training and Awareness

Get Trained, Get Certified! Get Ahead with Your Security Career.

Information Security Awareness

Cyber-security Training Courses

Secure Records Management Training Courses

IT and Service Management Training Courses

Risk Management Training Courses

Get Compliance, Get ISO Certified

Achieve your ISO certification in a seamless, timely and affordable manner. We make it easier and stress free for you. Certification guaranteed in your time frame. 100% Trusted Services - Control Implementation, Training, Documentation, Audit, Certification.

ISO 27001 Certification

We work with organizations to identify areas of improvement and meet ISO 27001 standards and requirements for information security management systems (ISMS), providing gap analysis and guidance on improving their overall cyber security controls.

Read more ...

ISO 22301 Certification

We work with organizations to identify areas of improvement and meet ISO 22301 standards and requirements for Business Continuity Management System (BCMS), providing business impact analysis and guidance on improving their overall business resilience.

Read more ...

PCI DSS Compliance

We offer a variety of services to help you achieve and maintain PCI compliance. This includes PCI gap assessments, annual AOC (Attestation of Compliance) and Self Assessment Questionnaire (SAQ) assistance, along with cyber security program development and design for PCI organizations.

Read more ...

GDPR Certification

We help you to be GDPR compliant. This makes you demonstrate accountability for how you store, maintain and protect both your client’s and employee’s data. We help you develop policies, embed new processes, educate staff and ensure the right security and encryption is applied to all your devices.

Read more ...