The Human Element is Often the Weakest Link – Improve Cyber Security Posture with GDF’s Social Engineering Testing and Training

Share Article

Cyber security is becoming a hotter topic every day as huge data breaches, high profile intrusions and even cyber warfare continue to make headlines. As corporations direct larger amounts of resources to the cyber front in a struggle to get a handle on these ever-evolving games of cat-and-mouse, one crucial element often goes without the full attention it deserves – susceptibility to social engineering – the human element. To help businesses and corporations substantially improve their cyber security posture by addressing this serious risk, Global Digital Forensics has recently upgraded the social engineering testing phase of its trusted cyber penetration testing program to meet today's newest challenges head on. Customized social engineering training for employees has now also been added as a new offering, available as a component to a full penetration test.

Social Engineering Scams
as headlines of successful intrusions keep piling up, it no longer takes a visionary to understand the potential ramifications if digital assets are compromised

Playing defense in the cyber security arena has become more important than ever. As businesses and corporations continue to lean more heavily on the conveniences the digital landscape can provide, the consequences of a successful cyber attack can result in disruptions and financial loss on an unprecedented scale. And this reality has not escaped corporate America’s attention. More businesses of all sizes have finally started to shift some long overdue attention to the protection of their cyber front, and addressing the cyber threats posed by social engineering must be part of the equation. Global Digital Forensics has responded with newly updated social engineering testing, and now also offers followup social engineering awareness training to substantially reduce the dangerous threat posed by adept cyber criminals.

It was only a matter of time for a paradigm shift, because as headlines of successful intrusions keep piling up, it no longer takes a visionary to understand the potential ramifications if digital assets are compromised. Lost revenue, lost integrity and the lost trust of a fickle public resulting from a successful cyber intrusion can slay even the mightiest goliath, almost as fast as a natural disaster. But as precious resources are finally being funneled to build more secure cyber perimeters with better, more advanced hardware and software, far too often the wetware (the human component) gets overlooked.

Being on the inside of the inner circle while helping hundreds of companies and corporations control the risks posed by cyber threats, Joe Caruso, founder and CEO/CTO of Global Digital Forensics, has seen how even the best laid cyber security perimeters can prove worthless when a hacker(s) employing social engineering finds a weak link. “Astronomical figures are being spent to bolster cyber security every year, and that’s a great thing considering how vulnerable most organizations are on the cyber front. But no matter how strong the perimeter walls are built, if you give an enemy the key to get in, none of it really matters. That’s exactly what’s happening when even a single employee falls prey to social engineering.”

“What really shocks me is how many companies I see that have absolutely no training or awareness programs in place that talk about social engineering threats - at least one in three. Others, that at least talk about it, often miss key elements and don’t really drive the point home with any real enthusiasm. So awhile back we started crafting simple phishing emails as part of our penetration testing program and found that when you have the evidence in black and white, managers, directors and executives suddenly feel a little real fear. And ever since we started doing that, we kept evolving the process to incorporate different types of social engineering methods as well, like pretexting (assuming a fake identity), baiting (leaving manipulated digital media behind hoping for a “curiosity insertion” into a network system), phone calls, and full scale spear phishing expeditions with all the bells and whistles, like an accompanying phony corporate website. To date, no client has ever walked away from a GDF social engineering exercise without access credentials landing in our hands.”

“Now we’ve taken it even a step further. We can put together follow-up training classes tailored to a client’s unique weaknesses, which we expose during our penetration testing. And when you have a group in front of you with list in hand of how they were just essentially compromised, let’s just say the focus and attention is very different than a yawn-fest morning meeting. We can also review policies and procedures to make sound recommendations on how to strengthen them and help clients leverage many more little tricks of the trade that bolster awareness and operational security. And yes, social networking and all the new vulnerabilities it can introduce are also covered.”

To speak with a Global Digital Forensics cyber security specialist about penetration testing with social engineering testing and training, network security, application security, mainframe security, or any other concerns about cyber threats and vulnerabilities, call 1-800-868-8189. Emergency incident response teams are also available 24/7, so if you have recently had, or are currently experiencing a live cyber intrusion or data breach, don’t hesitate, time is of the essence.

*Global Digital Forensics is a recognized leader providing cutting edge solutions in the fields of cyber security, computer forensics, eDiscovery and 24/7 emergency intrusion incident response services. With offices in 16 US states and 30 offices spanning the continents, GDF's global reach is supremely positioned to react quickly and efficiently with a staff of highly qualified and experienced specialists virtually anywhere needed, nationally, as well as worldwide. Visit for more information.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Aris Demos
Visit website