SOCIAL ENGINEERING

Your employees can either be an asset or a liability when it comes to your organisation’s cybersecurity. By clicking on a link, opening an attachment or browsing to a website, employees can provide a backdoor into the corporate environment for an attacker to exploit.

Through considered social engineering and targeted security training, organisations can significantly reduce the risk that employees will be exploited through malicious content. Nettitude delivers social engineering (or confidence trick) services that are highly tailored to your organisation, allowing you to reduce the risk that your employees will fall victim to these attacks.

Looking For Social Engineering Services?

What Is Social Engineering?

The phrase Social Engineering covers a multitude of different types of tests, ranging from services conducted over the Internet, through to services over the phone or physically on site.

Nettitude strongly believes that an element of Social Engineering should be conducted in all Penetration Tests, due to the fact that humans are involved in all security processes.

To focus on the technology alone results in an incomplete test. The intent behind a Penetration Test should be to identify the risk that is presented by a certain type of asset, connection or activity. Therefore to fully address all of the elements that feed into that risk, Nettitude genuinely believe that human aspects need to be considered.

Social Engineering And Spear Phishing Services

Multiple high profile security breaches have been instigated through social engineering exploits. Users were targeted through spear phishing emails, and through clicking on a link, opening an attachment or browsing to a website, provided a backdoor into the corporate environment for an attacker to exploit. Through conducting spear phishing attacks and other social engineering tests, an organisation can get a feel for how susceptible its employees are to compromise.

If they are not correctly trained, employees can be the weakest link in an organisation’s security arsenal. As a consequence, social engineering tests that feed directly into security awareness training programs provide a direct mechanism for organisations to tackle this vulnerability.

The human element will always pose a risk to organisations, however, through considered social engineering and targeted security training, organisations can help to reduce the risk of employees exploited through malicious content.