Social engineering is a nontechnical kind of intrusion that relies on human interaction with the purpose of tricking people others into breaking established security procedures. The basic goals of social engineering are to gain unauthorized access to locations, critical systems or information assets to commit fraud, identity theft, or to disrupt the normal operations of the business.
Your security controls, policies and procedures are only as strong as the people implementing and following them. Social engineering provides you with the information it needs to:
Remediate physical and electronic vulnerabilities that put your data, employees and company at risk.
- Focus security awareness training programs on the areas and technologies that pose the greatest risk or validate the effectiveness of existing training program.
- Limit the growing risk of CryptoLocker and ransomware.
- Strengthen policies, procedures and controls to reduce future risks.
- Provide assurance to management and executives that its users are aware of cyber security risks.