Posts

, ,

Social Engineering Awareness Program Part 4: Clicking the Phish

It is inevitable that at some point, someone will fall victim to a social engineering attack. This could be via clicking the phish, letting an unauthorized person in, or succumbing to a phone scam. Integrating with your Incident Response plan (if you have one; otherwise read my next series) is vital. Read more

,

Social Engineering Awareness Training Part 3: Reinforcement and Incentivization

Reinforcement and Incentivization

At this point in the awareness life cycle, the culture has been set. Training has been designed and conducted. At this point, we are trying to reinforce the training and provide incentives for those who thwart attacks or report “interesting” attempts or by volume. Read more

Social Engineering Awareness Training Part 2: Designing Effective Training Program

Designing Effective Training Program

Image Reference – Pixabay

In a continuation from the previous post, we have established the culture of security. The population is ready to be trained, thus raising awareness. This prerequisite is key for setting up the training. Effective training will raise awareness for all levels of employees and add a layer of protection to the organization while also removing a level of insider threat. Read more