
How to classify sensitive data within your organisation (part 2/2)
In this second part of our two-part blog we will discuss the requirements to correctly classify your data. Following on from part one once the
It’s well-recognized that your people play a fundamental role in protecting the enterprise from malicious threats. The consequences of inadvertently opening the doors – both digital and physical – to cyber attackers can be wide-ranging, from short-term operational disruption to serious, long-term reputational damage.
Failing to address the human element of cyber risk exposure could rapidly undermine your technical defenses. Security assessments that incorporate social engineering are designed to reveal how well your staff follow company policies and procedures, highlighting where you need to adapt or refresh security processes to mitigate risk.
The precise scope of our industry-leading social engineering assessments can be tailored to your business, but the overall goal is to test how easily we can gain privileges and access to your systems, information and premises.
We test your susceptibility using a variety of techniques such as phishing attacks, Trojan viruses, phone phishing and attempting to gain unauthorized physical access. You will gain answers to questions such as: Would a member of staff share their password with a stranger posing as an auditor? Will employees hold the door open for someone wearing an ID badge without checking its authenticity?
The result is a comprehensive report that may make for uncomfortable reading but should provide a springboard to much-improved risk mitigation.
Financial services case study – Mitigating social engineering risks
Read about how we performed a social engineering engagement for a leading financial services client.
How to spot phishing email attacks
This blog post includes an example phishing email and illustrates the types of techniques attackers use when targeting their victims. It includes tips on how to determine the legitimacy of an email.
A crucial first step towards ensuring your data is secure is to identify and classify your information assets. Without considering these tasks you will neither
The Network and Information Systems (NIS) Regulations, aimed at raising levels of cyber security and resilience of key systems across the EU, came into force