Latest news
Wombat released its social engineering training module to defend against social engineering threats, including spear phishing and social media-based attacks.Commonly defined as the art of exploiting human psychology to gain access to buildings, systems or data, social engineering is evolving so rapidly that technology solutions, security policies, and operational procedures alone cannot protect critical resources.
A recent Check Point sponsored survey revealed that 43 percent of the IT professionals surveyed said they had been targeted by social engineering schemes. The survey also found that new employees are the most susceptible to attacks, with 60 percent citing recent hires as being at "high risk" for social engineering.
A combination of social engineering assessments, which stage mock attacks on employees for the purposes of training, and a library of in-depth training modules to educate and reinforce concepts, work together to deliver measurable employee behavior change. Employees who fall for mock attacks are very motivated to learn how to avoid real attacks.
The social engineering training module explains the psychology behind these attacks, and gives practical tips for recognizing and avoiding them, which employees apply immediately during the training to lengthen retention.
The social engineering training module is the latest module available in Wombat's Security Training Platform that helps companies foster a people-centric security culture and provide security officers with effective education tools.
With the platform, security officers can:
- Take a baseline assessment of employee understanding
- Help employees understand why their security discretion is vital to corporate health
- Create a targeted training program that addresses the most risky employees and/or prevalent behaviors first
- Empower employees to recognize potential threats and independently make correct security decisions
- Improve knowledge retention with short interactive training sessions that work easily into employees' busy schedules and feature proven effective learning science principles
- Monitor employee completion of assignments and deliver automatic reminders about training deadlines
- Show measurable knowledge improvement over time with easy-to-read reports for executive management.
Spotlight
Is it time to professionalize information security?
Posted on 23 May 2013. | The issue of whether or not information security professionals should be licensed to practice has already been the topic of many a passionate debate.
Review: Logging and Log Management
Posted on 22 May 2013. | Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.
Experts highlight top data breach vulnerabilities
Posted on 22 May 2013. | Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
