Course: Introduction to social engineering awareness and defence
Enabling employees to defend themselves against deception, impersonation and manipulation.
Social engineering is a significant problem for businesses. Ensure you are equipped to deal with it - learn from experienced ethical social engineers to understand the threats you face, recognise and identify attacks, and see how to defend against social engineers. Remember - your business is only as secure as the people in it. Give your people a chance - Be prepared.
Book online to attend on 23 April 2013 at Infosec
To attend this course at Infosecurity Europe book here www.infosec.co.uk/firstdefence
Course summary
This half day course provides an introduction to defending against one of the most prevalent threats faced by organisations today – social engineering.
Social engineering is a collection of techniques for manipulating people into providing inappropriate access to physical or information assets. It is a form of intrusion that depends on human interaction and is mostly non-technical. It typically involves deceiving people and exploiting the innate human desire to be friendly and helpful and to avoid confrontation, such that they compromise normal security procedures.
Even where optimal physical and technical information security controls have been implemented, the human vulnerability can lead to compromised confidentiality, integrity, and availability.
The course focuses on attacks that your organisation may be subjected to, the steps you can take to defend yourself, and the ways you can improve your social engineering awareness to ensure a sustained defence.
Participants who wish to learn more about how to conduct a Social Engineering Test may wish to combine this course with our half day course on “Introduction to Social Engineering Testing” for a full day’s training and a more in-depth study of social engineering.
The objective of the course is to provide participants with the tools and knowledge to identify and deal with social engineering attacks by learning the characteristics of and methods used by social engineers. As potential unwitting victims themselves, participants will gain a better understanding of what motivates them and how their own actions may be manipulated by an attacker.
Most importantly, participants will return to their workplace confident in the knowledge that they are better prepared to counter any social engineering attempts, and know how to respond to such attempts.
Who should attend?
Anyone with an interest in learning how to protect themselves or their organisation against social engineering attacks. In particular, security managers who want to improve the security awareness culture within their organisation.
Course content
- Introduction to social engineering
This unit provides an introduction to social engineering, what it is, why it is a threat and who the malicious social engineers are. It will provide a brief summary of the evolution of social engineering from the golden era of the con man to the social engineering attacks of today.
- Social engineering principles
This unit provides an overview of the principles on which social engineering is based and will help participants to understand why social engineering works.
- Common social engineering techniques
This unit will discuss common techniques used by social engineers, such as mumble attacks, road apples, phishing/vishing/smishing, etc. It will include plenty of examples from real life experience and the media.
- Defence against social engineering
This unit will suggest different methods for defending against social engineering attempts, including:
- Logical security controls
- Physical security
- Security policies
- Education and awareness