+44 (0) 114 330 9800

Social Engineering


Stage 1 - Identification

We focus on identifying sensitive information about an organisation which is inadvertently accessible through publicly available sources such as websites and staff social media accounts.

More Info

Stage 2 - Assessment

We will use the information obtained from Stage 1 to try and gain access to an organisations internal systems or data. It aims to give a customer an insight into how unaware employees can be tricked into disclosing sensitive company information.

More Info

Stage 3 - Treatment

We can help mitigate Social Engineering risks present within an organisation by raising staff awareness. This is achieved by delivering memorable security awareness training to staff; helping them understand the risk of social engineering relevant to their role and organisation.

More Info

Summary

Social Engineering Campaigns are designed to identify, assess and treat the risks within an organisation that can’t be controlled effectively through technical solutions; the employees. Employees have access to a vast amount of information on company systems, but it is often forgotten just how much is stored in their heads as well. Alongside this, many staff are not aware of the risks of accessing personal accounts at work, clicking on links emailed to them or plugging a USB stick into a PC. Many cyber-attacks are now leveraging this weakness and targeting staff to get access to company information or systems. The only way to prevent this is by improving employee understanding of the risk they could pose to the business through effective security awareness training which is memorable and relatable to an employee’s daily role.

For pricing, booking and further queries please contact us:
Call: 0114 330 9800 (Option 2) or E-mail: info@kilco-iss.com
Social-Engineering

Stage 1 – Identification

A Stage 1 Cyber Security Campaign starts by building a picture of an organisation through publicly available information. This is achieved by combing through data on the internet to see how much information has been inadvertently disclosed. The customer is then given a report outlining what picture of the organisation we managed to build and where this information was gathered from. This then allows an organisation to begin a process of removing this information from online sources where possible.

Stage 2 – Assessment

Stage 2 Campaigns attempt to gain information by making hoax phone calls, sending phishing emails and impersonating visitors to try and gain physical access to company premises. An increasing number of cyber-attacks revolve around these techniques as traditional hacking techniques are being prevented by improving technology. At the end of the campaign the customer will be given a report outlining which techniques were successful against which locations/departments of an organisation. The service will also include a focus session where one of our staff will explain the techniques we used, how successful they were and what steps should be taken to stop an attacker using the same techniques.

Stage 3 – Treatment

Stage 3 of this service revolves heavily around the provision of effective security awareness training. If Stage 1 or Stage 2 was completed by Kilco, visual examples of how we managed to gain information or access to the organisation will be provided so employees fully understand how their decisions can impact a business. Depending on the size of the organisation, training can be tailored specifically to each department or business function so that the key messages are delivered in a format which is relatable for the recipients.