Security Awareness Training & Social Engineering
Whilst technically based cyber-attacks and defences are a major part of securing your organisation, it’s vital to ensure your organisation’s most important asset – its people – are aware of and able to identify and respond to cyber-attacks.
Intertek’s Information Security Awareness Training will provide your staff with engaging training that changes behaviours and ensures that your employees know how to recognise, appropriately respond to and prevent information security incidents.
Challenges to overcome typically include:
- Staff lacking an understanding of the changing nature of security threats
- Staff not aware of their personal responsibility for information security
- The belief that security is the sole responsibility of the IT department
- Staff believing that information security is too technical for them to understand
Intertek’s Security Awareness Training addresses all these challenges.
In addition to standard training modules, the program can be tailored to meet specific needs and different audiences, through an assessment of current security awareness levels, staff profile and client specific policies.
Whereas technical vulnerabilities such as unpatched software or weak encryption are sought out by penetration testing, Intertek’s Social Engineering service focuses on identifying weaknesses through interaction with the social, physical and procedural aspects of the organisation.
A lack of staff security awareness and weak physical or procedural security controls may allow unauthorized access to confidential information, via the people and buildings that hold this data.
Intertek will agree and perform a series of simulated attacks such as phishing campaigns and building access attempts to test the response of your employees to such scenarios, allowing you to understand how ready you are to counter this type of threat.