Social Engineering is an effective, non-technical means for an attacker to infiltrate an organization and secure a foothold by exploiting the “good nature” of human personality. One common route for social engineering involves an individual contacting a help desk claiming to be someone they aren’t. As a result of the help desk staffer wanting to help the individual on the phone, they either disclose information they shouldn’t have disclosed or give unauthorized access to someone they shouldn’t have.
Phishing is a subcategory of social engineering that is very specific to email and was identified by healthcare IT executives as the top future cybersecurity threat. It has been the root cause of many recent breaches and even led to an expensive OCR settlement.
CynergisTek’s social engineering and phishing service was an excellent training tool for our organization. A third-party assessment of how our policies and procedures would stack up against a real threat was eye-opening and provided us with valuable information we can leverage to continue to enhance our security posture.
Director of Information Security, Valley Children’s Hospital
As a trusted partner for the past decade, CynergisTek provides periodic evaluations of our systems and expert advice to keep us on pace with evolving security threats and priorities, like cybersecurity. The assessment was invaluable in terms of gleaning solid metrics regarding our personnel and raising awareness of pertinent threats. Now, we are better equipped to identify, respond and better educate our workforce to a phishing campaign targeting our organization.
Larry G. Pierce
Manager of Information Security and Enterprise Management, Atlantic Health System
To kickstart a social engineering assessment, CynergisTek utilizes client-supplied information to quickly determine the most likely areas for social engineering success. With this information gathered, we proceed with the engagement as follows:
After CynergisTek’s Social Engineering & Phishing assessment, your organization will have a greater understanding of your staff’s readiness to prevent social engineering attacks and a communication plan to increase their education, creating a culture of cybersecurity awareness.
Get Started with CynergisTek Today
Assess. Build. Manage. Validate.