"Social Engineering: Implications for Computer Security"

Creating the Human Firewall

"Many of the most damaging security penetrations are, and will continue to be, due to Social Engineering, not electronic hacking or cracking. . . Social Engineering is the single greatest security risk in the decade ahead." The Gartner Group

SOCIAL ENGINEERING: An attack based on deceiving users or administrators at the target site. Attacks are typically carried out by phoning or emailing users and pretending to be an authorized user to gain illicit access to systems. Employee security breaches have become the single greatest security risk of the 21st century. Companies concerned about information and data security are dedicating more resources to evaluate and protect their computer and networking systems. Yet, many ignore the source of their most prevalent exposure - their employees.

Defending the Human Side of Security

Magiktek Systems has set of services designed to address the ever-changing threat of Social Engineering and low-tech attacks. Many security consultants touch on Social Engineering, but none go to the lengths we do to show you the reality of the situation facing you. Magiktek Systems will help you develop a complete culture of security.

Social Engineering Fraud and Vulnerability Audits

Your security concerns are unique - so is our approach. The Social Engineering fraud and vulnerability audits we perform are tailored to your specific needs. Our in-depth audits address the threat of Social Engineering and low-tech attacks from every angle. Our audits help you understand your weaknesses and vulnerabilities concerning:

Publicly accessible information
Policies and procedures
Phone activities
Email and web use
Employee behavior
Facilities
Security Awareness and Social Engineering Training

The easiest way to improve the security posture of your employees is with training. Magiktek Systems training is informative, interesting, and effective. Magiktek Systems training is offered in classroom settings, and in seminar format.

Crisis Response and Remediation

When a breach in security does happen, it is important that the response is swift and effective. Our Crisis Response Team will help you:

Understand exactly how the breach occurred,
Determine how widespread its impact may be,
Plan for the next steps the Social Engineer might take,
Promote employee awareness about how to respond to the current breach and future attacks by the Social Engineer.
Social Engineering Intrusion Detection

Magiktek Systems Social Engineering Intrusion Detection system is the only Social Engineering IDS (Intrusion Detection System) that can be tailor made to work within your network infrastructure. All data is presented in a Prompt-2 Dashboard, with the ability to drill down from a high-level overview to a single security incident. Magiktek Systems Social Engineering IDS monitors multiple data sources and alerts you to possible fraudulent action taking place against your organization via:

Email,
Phone,
IM / Point to Point,
Web,
Wireless,
Facility / Proximity

It seems to be a universal truth that most people don't believe Social Engineering (gaining information by deceit) could be so easy. "No one could be that stupid" is a common phrase heard from people who first learn how these types of attacks work.

However, once demonstrated (especially with some personal information of theirs) they become hard and fast believers. Just seeing it in action brings home the reality that information can leak through most any worker and that one must always be on guard.

Through one or two-day training courses, Magiktek Systems will take you through case studies, examples, and methods of social engineering. By examining how attackers gather personal information, abuse trust, and choose their targets, you can be more prepared to prevent these incidents. View the Two-Day Social Engineering Course Outline and see how Magiktek Systems will help guide you and your company towards policy, security, and an informed workforce that can provide protection against future attacks on your company.