Human are the weakest link in the security chain. They are facing threats on a daily basis from phishing emails, to social engineering calls and very often, have little or no knowledge that would help them identify the danger.
No matter which technical and physical security controls you have implemented, the security of your infrastructure and network comes down the ability of your employees, contractors or vendors to recognize such attacks, and not fall for such traps.
Hackers know these alarming facts, which is why humans are their first target. Cybercriminals use sophisticated social engineering techniques to persuade and manipulate people to gain access to your internal networks and sensitive information.
Assessing your employees’ readiness to identify and withstand Social Engineering attacks should be a key part of your organization’s security program.
Our services rely on highly skilled security professionals and penetration testers with extensive experience, in both defense and offense, to create realistic phishing scenarios. The goal of our service is not only to assess your employees’ readiness to withstand common phishing attacks, but more importantly, target and spear-phish attacks that have a high impact on your organization. wizlynx group presents Phishlynx, an in-house developed solution to assist us during Social Engineering Assessments.
The following tasks will be carried out during the reconnaissance and planning phase:
This central phase consists of the effective execution of test that are defined upfront and agreed to.
If wizlynx group discovers serious gaps and weaknesses, the customer will be informed immediately so that any emergency measures can be implemented in a safe and timely manner.
The following tasks will be executed in this phase:
Weaknesses and significant risks to Information Security (the "human factor") will be interpreted, evaluated and judged.
All findings will be documented in the final report and compared with a strengths/weaknesses profile against the international standard for IT Security ISO 27001. The identified weaknesses will be assessed and supplemented with recommendations and remediation actions, as well as prioritized according to the risk associated. The final report will be discussed during a presentation with the customer. The report will include a comprehensive and meaningful C-level summary of the executed Social Engineering Assessment. It will also include all detailed results with respective evidence and recommendations for future security measures based on the results.