What is Social Engineering?
The weakest link in most organizations’ security programs is inevitably the people within them. We tend to place too much emphasis on automated tools to enforce security policies, when human error is usually the root cause in an attack.
Social engineering attacks trick people into sharing sensitive information like passwords or payment information that the attacker can then exploit. Hackers often use social engineering attacks to access a target network at a fraction of the cost of more technical hacking techniques.
Gain Insight Through Real-World Social Engineering Attacks
Because the “human factor” is widely recognized as the weakest link in the security chain, your network will always be subjected to social engineering attacks – no matter how you invest in network protection.
At PKM, our approach to social engineering is to use real-world scenarios to test the effectiveness of your information security policies and procedures. These techniques include email spear phishing attacks, telephone persuasion, dumpster diving, desk area audits and war driving (looking for wireless access points from outside of a company’s facilities to enter your network). The result of a social engineering engagement will provide actionable insight into the efficacy of your security policies, procedures and training.