Training

Social engineering workshops

by Mark Rowe

‘Security fatigue’ is among the topics addressed by a trainer in how to thwart social engineering attacks. One of her messages is that your physical security and your IT firewalls may be impressive (and expensive), but a social engineer can use your own staff to compromise those security measures, and to even literally or metaphorically open the door for the social engineer to enter.

She is Jenny Radcliffe, who will lead a pair of workshops in London on awareness of social engineering. Briefly, fraudsters seek physical access to a building, or use the phone or emails or social media forums, or a mix. Employees are tricked into giving away information. In a phrase, it’s a ‘human hack’.

Get over it

Jenny suggests that training about social engineering can be a good way to get over ‘security fatigue’. As she says, if you’re telling people to use strong passwords; be careful of what you post online, ‘a lot of these things seem very far away, or technical or nebulous’. A ‘social engineer’, making calls, is someone more easily pictured. This human element can mean that non-security employees identify with security better than the technical side. From experience – as someone who has done social engineering, and who these days is more of a trainer than a doer – she says that employees don’t think they are important enough or rich enough to be hacked. “But what they don’t understand is, if you have got someone who works for a company, any company, every single member of staff is a potential target for a social engineer, because every single member of staff knows something about that organisation. And can be pressured.”

Security fatigue

How do social engineers get around your building or network security? Go to the workshop and find out!? She terms ‘security fatigue’ as ‘the idea that there’s just too many people to think about and to worry about.” But there are ways, as given over the one-day course, to defend; to make staff aware and to convert that into a secure workforce. Or to put that another way, the culture of an organisation may turn staff into willing or unintentional social engineers themselves; again, Jenny says, there are ways to reverse that.

About the workshops

The social engineering awareness training (SEAT) workshops are running in central London on March 15 and June 7. Visit www.conference-network.co.uk.

Picture by Mark Rowe; central Milton Keynes.

Related News

  • Training

    IFSEC 2018 hailed

    by Mark Rowe

    UBM EMEA, owners of the annual IFSEC International exhibition, have hailed the 2018 show, describing it as the inaugural year of change…

  • Training

    Training is the key

    by Mark Rowe

    Take your career in security to a higher level, writes James Kelly, pictured, CEO of the British Security Industry Association (BSIA). The…

  • Training

    Midlands fraud date

    by Mark Rowe

    Michael Woodford, the former CEO of electronics company Olympus, blew the whistle on billion-pound fraud and corruption at the Japanese firm. As…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing