Social Engineering Awareness and Training

<!DOCTYPE html> <html lang="en"> <head>  <script async src="https://www.googletagmanager.com/gtag/js?id=G-EY64M9QQ17"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-EY64M9QQ17'); </script> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1">  <title>Social Engineering Awareness and Training | Cyber Risk GmbH</title> <meta name="description" content="Cyber Risk GmbH provides specialized social engineering training and assessments to help organizations identify, prevent, and respond to social engineering attacks. Empower your employees to recognize phishing, pretexting, and other manipulation tactics used by cybercriminals, State-sponsored groups, and foreign intelligence agencies."> <meta name="keywords" content="social engineering training, social engineering awareness, phishing prevention, social engineering assessments, cyber attack prevention, employee security training, social engineering defense, cybersecurity awareness, phishing training, Cyber Risk GmbH social engineering, social engineering in Switzerland"> <link rel="apple-touch-icon" sizes="180x180" href="apple-touch-icon.png"> <link rel="icon" type="image/png" sizes="32x32" href="favicon-32x32.png"> <link rel="icon" type="image/png" sizes="16x16" href="favicon-16x16.png"> <link rel="shortcut icon" type="image/x-icon" href="favicon.ico"> <link rel="manifest" href="manifest.json"> <meta name="msapplication-TileImage" content="mstile-150x150.png"> <meta name="theme-color" content="#ffffff">  <link href="css/bootstrap.min.css" rel="stylesheet"> <link href="css/style.css" rel="stylesheet">  <link href="https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet"> <link href="https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap" rel="stylesheet">  <link rel="stylesheet" href="css/owl.carousel.css"> <link rel="stylesheet" href="css/owl.theme.default.css">  <script src="js/jquery.min.js"></script> <script src="js/owl.carousel.js"></script> <style> .wrapper-banner { background: url("Social_Engineering_147.jpg"); background-size: cover; background-position: center; } </style> <link rel="stylesheet" href="./style2.css"> <style> body { color: black; } </style> <style> a:link { color: blue; background-color: transparent; text-decoration: none; } a:visited { color: blue; background-color: transparent; text-decoration: none; } a:hover { color: red; background-color: transparent; text-decoration: underline; } a:active { color: blue; background-color: transparent; text-decoration: underline; } </style> </head> <body>  <div class="wrapper-menu"> <nav id="header" class="navbar navbar-fixed-top"> <div id="header-container" class="container navbar-container"> <div class="navbar-header"> <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a id="brand" class="navbar-brand" href="https://www.cyber-risk-gmbh.com/"> <img src="images/logo/CyberRisk5FINALFINAL.png" alt="Cyber Risk GmbH, Cyber Risk Awareness and Training" width="240" class="img-responsive">  </a> </div> <div id="navbar" class="collapse navbar-collapse"> <ul class="nav navbar-nav"> <li><a href="https://www.cyber-risk-gmbh.com/About.html" target="_blank">About</a></li> <li><a href="https://www.cyber-risk-gmbh.com/Training.html" target="_blank">Training</a></li> <li><a href="https://www.cyber-risk-gmbh.com/Board.html" target="_blank">For The Board</a></li> <li><a href="https://www.cyber-risk-gmbh.com/Assessment.html" target="_blank">Assessment</a></li> <li><a href="https://www.cyber-risk-gmbh.com/Reading_Room.html" target="_blank">Reading Room</a></li> <li><a href="https://www.cyber-risk-gmbh.com/Contact.html" target="_blank">Contact</a></li> <li><a href="https://www.cyber-risk-gmbh.com/Cyber_Risk_Links.html" target="_blank">Cyber Risk Links</a></li> <li><a href="https://www.cyber-risk-gmbh.com/Impressum.html" target="_blank">Impressum</a></li> </ul> </div>  </div>  </nav>  </div> <div class="container-fluid wrapper-banner"> <div class="container"> <div class="top-banner"> </div> </div> </div> <br> <br> <div class="container-fluid projects-wrapper"> <div class="container"> <div class="row"> <div class="section-title"> <h1>Social Engineering Training</h1> <br> <br> <p class="text-left"><b>Cybersecurity is not only a technical challenge.</b> <p class="text-left">It is also a behavioral challenge. As long as managers and employees can provide access to systems and data, cybersecurity depends on them too.</p> <p class="text-left">Employees that have access to critical assets of an organization, become targets. Those that have access to technology and organizational assets are also responsible for the protection of those assets. Are they fit and proper to handle this responsibility? Do they have the awareness and skills necessary to protect themselves and their organisation?</p> <p class="text-left">We offer specialized social engineering training and services aiming to develop the organizational human firewall. Our training programs and services can also be provided remotely.</p> <br> <img src="Social_Engineering_Christina_Lekati.JPG" alt="Social Engineering Training: Christina Lekati" width="600" height="399" class="img-responsive"><br> <br> <p class="text-left"> <b>Training program: Social Engineering and Open-source Intelligence for Security Teams</b></p> <p class="text-left"> <b>Overview</b></p> <p class="text-left"> Social engineering attacks continuously remain at the top of the threat landscape and data breach reports. But although these reports tend to simplify many breaches as the result of a successful phishing attack, the reality we get from current threat research is evidently more complex. Social engineering attacks have been evolving. Today, the pathway that leads to that successful phishing email is often the result of a larger attack kill chain based on target research and good open-source intelligence that helps attackers identify organizational vulnerabilities in an often-multi-layered methodology.</p> <p class="text-left"> We stay ahead of this threat by understanding and acquiring the skills necessary to disrupt attack verticals and become a “difficult target”.</p> <p class="text-left"> In this threat landscape, it is paramount for security professionals & teams to better understand how social engineering works, and how to proactively identify and disrupt attack verticals.</p> <p class="text-left"> This hands-on training provides participants with the necessary skills & knowledge on open-source intelligence, weaponized psychology, and the most recent social engineering tactics, techniques and procedures (TTPs). It helps security teams build better protective measures (proactive & reactive) and to inform their security strategy.</p> <br> <p class="text-left"> <b>Class Flow</b></p> <p class="text-left"> Each module of this training is designed to support the next one. </p> <p class="text-left"> We start by learning what social engineering is, and the types of frequently-used social engineering attacks that we have been observing. Real-life case studies are presented and analyzed. </p> <p class="text-left"> We move on to more practical parts: How did these attacks come to life? What was the background information that they were built upon, and what elements made them successful? Most often, good social engineering is based on excellent intelligence, most of which is collected from open sources. </p> <p class="text-left"> During the open-source intelligence (OSINT) modules, participants get to see where and how attackers collect people and business information, what tools they use, and how to combine and analyze that information into intelligence that produces useful insights. We focus on two main areas: OSINT for business details and for persons. </p> <p class="text-left"> We move on to more complex attack methodologies, and emerging threats. Participants will also get to learn how AI technology impacts threat actor capabilities. We will practice on the theory through hands-on exercises.</p> <p class="text-left"> During the last part of the class, we will discuss what security professionals can do to improve their security posture against social engineering attacks on a strategic and tactical level. We will discuss reducing risk, becoming a less attractive target, informing the security strategy, and responding to social engineering attacks. </p> <p class="text-left"> ***Practical exercises are included throughout the class.*** </p> <br> <p class="text-left"> <b>Target Audience:</b></p> <p class="text-left"> This workshop is beneficial to security teams and professionals working in companies and organizations of the public and private sector.</p> <br> <p class="text-left"> <b>Duration:</b></p> <p class="text-left"> 4 hours (half day) to 2 days, depending on the needs, the content of the program and the case studies. We always tailor the program to the needs of each client.</p> <br> <p class="text-left"> <b>Instructor:</b></p> <p class="text-left"> Christina Lekati, psychologist, social engineering training expert. To learn about her you may visit: <a href="https://www.cyber-risk-gmbh.com/About_Christina_Lekati.html" target="_blank">https://www.cyber-risk-gmbh.com/About_Christina_Lekati.html</a> <br> </p> <br> <p class="text-left"> <b> Training outline:</b></p> <p class="text-left"><b>Introduction.</b><br> 1. Case study. <br> 2. Attacking the human – OSINT, good social skills, and the right technology. <br> 3. The current threat landscape. <br> 4. Ethics. </p> <br> <p class="text-left"><b>Social Engineering – Classic Attack Vectors and Their Evolution.</b><br> 1. Phishing, vishing, and impersonations (may be covered briefly – depending on previous knowledge). <br> 2. Frequent social engineering pretexts. <br> 3. Cases & examples from real life attacks. <br> 4. The OSINT data behind the attacks discussed </p> <br> <p class="text-left"><b>Social Engineering Kill-Chain. </b><br> Exercise: identify the attack chain followed in a recent, real-life attack. Correlate with cases previously discussed and note the patterns. </p> <br> <p class="text-left"><b>Weaponized Psychology. </b><br> 1. Influence & manipulation techniques. <br> 2. Universal triggers & our human hard wiring. <br> 3. Perception manipulation. <br> 4. Cognitive functions in spotting attack attempts. <br> 5. Biopsychology during a suspicious encounter </p> <br> <p class="text-left"><b>Open-Source Intelligence (OSINT). </b><br> 1. OSINT as a risk identification & mitigation tool. <br> 2. Creating social engineering attacks based on good OSINT. <br> 3. Setting up your workspace & tools. <br> 4. Elements of OSINT - using tools wisely </p> <br> <p class="text-left"><b>Business OSINT. </b><br> 1. Search Techniques. <br> 2. Discovering sensitive files & documents.<br> 3. Finding physical security vulnerabilities. <br> 4. Collecting important information on the company. <br> 5. Supporting tools. <br> 6. Creating an organizational chart. <br> 7. Identifying the internal hierarchical dynamics. <br> 8. Internal culture & relationships. <br> 9. Incorporating the intelligence collected within a social engineering kill-chain scenario. </p> <br> <p class="text-left"><b>People OSINT. </b><br> 1. Finding contact details (email addresses & phone numbers). <br> 2. Identifying key people. <br> 3. Social media intelligence (SOCMINT). <br> 4. Who makes a good target? <br> 5. How to identify overwhelmed employees/departments. <br> 6. Tailored attacks: Profiling people. <br> 7. Case studies. </p> <br> <p class="text-left"><b>Elaborate Social Engineering Attacks. </b><br> 1. Hybrid attacks; types. <br> 2. Case studies. <br> 3. Why did they work? How do we disrupt them? <br> 4. Targeted, tailored attacks. <br> 5. Kill-chain of tailored attacks. <br> 6. APTs & long-term social engineering. </p> <br> <p class="text-left"><b>Weaponizing Psychology on Specific Targets. </b><br> 1. Individual psychological triggers. <br> 2. Engaging a key person online & offline. <br> 3. Elicitation techniques. <br> 4. Why do these campaigns work? <br> 5. Examples.<br> 6. Defense measures.</p> <br> <p class="text-left"><b>Artificial Intelligence & The Evolution of Attacks.</b> <br> 1. The near-term impact of AI on threat actor activities. <br> 2. AI-enhanced: <br> i. Targeting & reconnaissance. <br> ii. Phishing campaigns. <br> iii. Deepfakes; vishing & impersonations. <br> 3. Capabilities & Limitations: A Realistic View. </p> <br> <p class="text-left"><b>Disrupting Social Engineering Attacks & Creating a Defense Strategy. </b><br> 1. Thinking & acting strategically. <br> 2. OSINT: identifying, managing, and eliminating risks. <br> 3. Minimizing or disrupting social engineering attack verticals. <br> 4. The 4 layers of defence against social engineering. <br> 5. Organizational best practices. <br> 6. Employee awareness; benefits & limitations. </p> <p class="text-left">Closing Remarks. </p> <p class="text-left"><b>**Exercises are included throughout the class**</b> </p> <br> <hr> <p class="text-left"><b>Other training programs</b> </p> <br> <img src="2_Social_Engineering_Awareness_Defense_B.jpg" alt="Social Engineering Training: Awareness and Defense" width="600" height="399" class="img-responsive"><br> <br> <p class="text-left"> <b>a. Social Engineering Training: Awareness and Defence.</b></p> <p class="text-left">You may visit: <a href="https://www.cyber-risk-gmbh.com/2_Social_Engineering_Awareness_Defence.html" target="_blank">https://www.cyber-risk-gmbh.com/2_Social_Engineering_Awareness_Defence.html</a> <br> </p> <hr> <br> <img src="3_Practical_Social_Engineering_Defense_Protection_B.jpg" alt="Practical Social Engineering Training" width="600" height="399" class="img-responsive"> <br> <br> <p class="text-left"><b>b. Practical Social Engineering Defence: Protection of Sensitive Information.</b></p> <p class="text-left"> You may visit: <a href="https://www.cyber-risk-gmbh.com/3_Practical_Social_Engineering.html" target="_blank">https://www.cyber-risk-gmbh.com/3_Practical_Social_Engineering.html</a> <br> </p> <hr> <br> <img src="Peace_of_Mind4.jpg" alt="Social Engineering Training Peace of Mind" width="600" height="399" class="img-responsive"><br> <br> <p class="text-left"><b>c. Social Engineering Training – Peace of Mind Service</b></p> <p class="text-left">You may visit: <a href="https://www.cyber-risk-gmbh.com/Peace_of_mind.html" target="_blank">https://www.cyber-risk-gmbh.com/Peace_of_mind.html</a> <br> </p> <br> <hr> <br> <br> <br> <br> <h3>Cyber Security Training</h3> <p>Cyber security is ofter boring for employees. We can make it exciting.</p> </div> <br> <div class="projects-row"> <div class="col-sm-3 col-md-4"> <div class="projects-info"> <div class="projects-image"><img src="images/1a.png" alt="Online Cybersecurity Training" width="350" class="img-responsive"></div> <h3 class="text-left col-md-11">Online Training </h3> <p class="col-md-10 text-left">Recorded on-demand training and live webinars.</p> <div class="read-more col-md-10"><a href="https://www.cyber-risk-gmbh.com/Online_Training.html" target="_blank">More <i class="fa fa-angle-double-right"></i></a></div> </div> </div> <div class="col-sm-3 col-md-4"> <div class="projects-info"> <div class="projects-image"><img src="images/2a.png" alt="In-house Cybersecurity Training" width="350" class="img-responsive"></div> <h3 class="text-left col-md-11">In-house Training </h3> <p class="col-md-10 text-left">Engaging training classes and workshops. </p> <div class="read-more col-md-10"><a href="https://www.cyber-risk-gmbh.com/In_House_Training.html" target="_blank">More <i class="fa fa-angle-double-right"></i></a></div> </div> </div> <div class="col-sm-3 col-md-4"> <div class="projects-info"> <div class="projects-image"><img src="images/3a.png" alt="Social Engineering Cybersecurity Training" width="350" class="img-responsive"></div> <h3 class="text-left col-md-11">Social Engineering</h3> <p class="col-md-10 text-left">Developing the human perimeter to deal with cyber threats. </p> <div class="read-more col-md-10"><a href="https://www.cyber-risk-gmbh.com/Social_Engineering.html" target="_blank">More <i class="fa fa-angle-double-right"></i></a></div> </div> </div> <div class="col-sm-3 col-md-4"> <hr> <div class="projects-info"> <div class="projects-image"><img src="images/4a.png" alt="For the Board Cybersecurity Training" width="350" class="img-responsive"></div> <h3 class="text-left col-md-11">For the Board</h3> <p class="col-md-10 text-left">Short and comprehensive briefings for the board of directors. </p> <div class="read-more col-md-10"><a href="https://www.cyber-risk-gmbh.com/Board.html" target="_blank">More <i class="fa fa-angle-double-right"></i></a></div> </div> </div> <div class="col-sm-3 col-md-4"> <hr> <div class="projects-info"> <div class="projects-image"><img src="images/5a.png" alt="Cybersecurity Assessment" width="350" class="img-responsive"></div> <h3 class="text-left col-md-11">Assessments</h3> <p class="col-md-10 text-left">Open source intelligence (OSINT) reports and recommendations. </p> <div class="read-more col-md-10"><a href="https://www.cyber-risk-gmbh.com/Assessment.html" target="_blank">More <i class="fa fa-angle-double-right"></i></a></div> </div> </div> <div class="col-sm-3 col-md-4"> <hr> <div class="projects-info"> <div class="projects-image"><img src="images/6a.png" alt="High Value Targets Cybersecurity Training" width="350" class="img-responsive"></div> <h3 class="text-left col-md-11">High Value Targets</h3> <p class="col-md-10 text-left">They have the most skilled adversaries. We can help. </p> <div class="read-more col-md-10"><a href="https://www.cyber-risk-gmbh.com/High_Value_Targets.html" target="_blank">More <i class="fa fa-angle-double-right"></i></a></div> </div> </div> </div> </div> </div> </div> <br> <br> <br> <br> <div class="container-fluid projects-wrapper"> <div class="container"> <div class="row"> <div class="section-title"> <h3>Which is the next step?</h3> </div> <div class="countdown-row"> <div class="countdown-block"> <h2>1</h2> <strong>You contact us</strong> </div> <div class="countdown-block"> <h2>2</h2> <strong>We discuss</strong> </div> <div class="countdown-block"> <h2>3</h2> <strong>Our proposal</strong> </div> <div class="countdown-block"> <h2>4</h2> <strong>Changes and approval</strong> </div> <div class="countdown-block"> <h2>5</h2> <strong>We deliver</strong> </div> </div> </div> </div> </div> <br> <br> <br> <br> <br> <br> <br> <br> <br> <img src="https://www.cyber-risk-gmbh.com/Epilogue3.jpg" alt="Cyber Risk GmbH, Cyber Risk Awareness and Training" class="img-responsive">  <script src="js/bootstrap.js"></script> <script> $(document).ready(function() { var owl = $('.cliend-logo'); owl.owlCarousel({ margin: 20, nav: true, loop: true, autoplay:true, autoplayTimeout:4000, responsive: { 0: { items: 1 }, 600: { items: 6 }, 1000: { items: 6 } } }) }) $(document).ready(function() { var owl = $('.testimonialstext'); owl.owlCarousel({ margin: 20, nav: true, loop: true, autoplay:true, autoplayTimeout:4000, responsive: { 0: { items: 1 }, 600: { items: 1 }, 1000: { items: 1 } } }) }) </script> <script> $(window).scroll(function() { if ($(document).scrollTop() > 50) { $('nav').addClass('shrink'); $('.add').hide(); } else { $('nav').removeClass('shrink'); $('.add').show(); } }); </script> </body> </html>

CINXE.COM

Social Engineering Awareness and Training | Cyber Risk GmbH