Our favorite service offering is the Social Engineering Assessment. This is because we are very skilled and successful at it and most everyone involved has fun. Unfortunately, cyber-criminals also love to social engineer, and they are good at it, too.
Social Engineering is the art of hacking people to gain information or access. Since humans are so complex, and we all have good days and bad days, collectively; we are the weakest link.
This weak link in a company’s defenses is exactly what the bad actors are targeting. Social Engineering is one of the highest threats facing today’s businesses.
To combat this growing threat, many companies have instituted a multitude of security controls including: Policies, Procedures, Monitoring, and Security Awareness Training. These controls are what a good Social Engineering Assessment will test and evaluate.
Most of our clients are shocked at how successful we can be on their first test at tricking employees into divulging information. Those same clients seem to enjoy reducing our success rate year after year.
We see companies reduce their risk levels most effectively by engaging a complete Social Engineering Assessment annually, supplemented with focused based engagements such as phishing email and phone testing each quarter.
Pass or Fail, Win or Draw: there is always something to learn from a good Social Engineering Assessment.
Social Engineering is the art of hacking people to gain information or access, and is one of the highest threats facing today’s businesses.
The 10-D Security Difference
- Subject Matter Experts in testing financial institutions.
- Thousands of assessments performed across the country.
- Nationwide testing experience with ALL types and sizes of institutions.
- Discreet professionals able to conduct test but not disrupt business.
- Professional, concise, and prompt—report to you in 7 days—GUARANTEED.
Who Benefits from a Social Engineering Assessment?
This service applies to organizations:
- With policies and procedures have been put into place to help combat Social Engineering tactics.
- Where awareness has plateaued and a new challenge is needed.
- Performing security awareness training.
- Where management understands that testing is a constructive part of the overall Information Security Program.
- Wanting to improve its chances against this common attack method.
The Scope of Work
Social Engineering Assessments can be scoped to meet the specific needs and culture of any company. Testing can target all locations and employees, or just a sampling of each. The test can include any of the following test areas:
- Phone Interactions
- Physical Interactions
- Email Interactions
- Trash Searches “Dumpster Diving”
- Media Drops