While the threat of data loss through sophisticated cyberattacks is very real, many organizations overlook their employees as a potential threat to company security. A social engineering review will help organizations combat these types of attacks. Even the best network and systems security will not prevent an attack directed at your employees. Malicious hackers can be extremely effective at coercing people to break their normal security procedures and divulge confidential information. In some cases, the disclosure of information may not be intentional, and employees can be taken advantage of by carefully thought out criminal attacks. This line of attack is referred to as social engineering.
Rather than a traditional information security assessment, the social engineering review is designed to assess the level of training and knowledge employees possess when it comes to ensuring the security of vital information and data.
At Canaudit, we use the same thought process and real-world strategies that attackers use in order to gain internal network access or confidential information access through anonymous conversations with staff, email phishing, USB drive dropping and other creative attacks. The specific attacks selected for each engagement are based on the specific needs and requirements of each client.
Canaudit will contact the client organization via the scenarios agreed upon. During this activity they will impersonate third parties, trusted internal staff or even external contractors.