Security Risk Advisors

Social Engineering and Advanced Threats

The purpose of social engineering testing is to identify the most pressing gaps in technical defenses and employee security awareness through proof-of-concept, minimally-intrusive tests.

Our approach to social engineering and advanced threats answers the following questions:

  1. Assuming at least some of our users will fall victim to convincing scams, how effective are our tiered controls at reducing the impact of clicking a malicious email link?
  2. How effective is our current security awareness program at teaching employees how to identify and respond to threats?

We tailor our testing activities to model custom, organization and threat-specific tests to identify whether regulatory and data protection objectives are being met by the current SAT program.