Social Engineering Testing
Over 30% of all hacks resulting in data breaches in the last year included some sort of social engineering attack such as phishing or telephone pretexting. Why? Because it works. Social engineering is a reliable and proven technique for by-passing technical security controls and obtaining unauthorised access to systems and information. System end-users are the weakest link. And yet, most companies focus solely on testing the effectiveness of the security hardware and software controls they’ve implemented on their systems to reduce the risk of unauthorised access. A hacker will follow the path of least resistance for gaining unauthorised access. Why bother hacking a firewall when they can pick up a telephone and trick an end-user into revealing their login credentials? If you have not already undertaken social engineering security testing, the question is why not? Risk Crew’s testing is scoped to meet your specific business or compliance requirements and we issue “Testing Certificates” to enable your business to produce evidence of compliance if required.