Social engineering

Social engineering attacks include a series of activities resulting in gaining access to information and confidential data about the company by gaining trust of company employees or gaining access to unauthorized activities.

Such attacks are frequently discovered only when critical information is stolen from the company of when after some time, it turns out that the offers of Your competitors are always better than Yours.

They typically target manipulating people for the advantage of the attacker, providing access to passwords, access codes or information about people responsible for company security and its operating continuity as well as protection elements or even production processes.


Counteraction:
In the face of increasingly commonality of social engineering attack attempts, prophylactic seems to be the unavoidable goal of the company management. Due to the character of such attacks, the main risk is related with the lack of awareness of company employees about the risk of making information public. Counteracting social engineering attacks typically forces the company to define appropriate procedures for rapid response.

Technical protection:
Nobody in the world has discovered so far any technical means of protecting against this particular attack method, which could eliminate social engineering attacks once and for all. The basic aspect in the case of this type of attacks are mainly trainings making people aware of the weakest link in the company security chain - i.e. people including company employees and co-workers. Detailed information about the means of preventing such a type of attacks, proposed by our Company, You can find on the sub pages of [process security audit] and [audit of network technologies]