Social engineering attacks remain the most effective way to gain a foothold in a targeted organization. When technology holds up to the test of attack, the human element is often exploited for entry into an organization. The frequency and level of training an employee receives can thwart an attack or amplify it. An example is the Google Docs attack that occurred recently. This attack propagated to a status near that of a worm in part because people were not trained to spot the issues. This talk will discuss the dynamics of creating an effective awareness program and teach practitioners how to create and run a successful internal phishing program to measure the efficiency of the training and help keep users on their toes.
Central Park West - 6th Floor HACK NYC 2018 events@magegroupe.comSocial engineering attacks remain the most effective way to gain a foothold in a targeted organization. When technology holds up to the test of attack, the human element is often exploited for entry into an organization. The frequency and level of training an employee receives can thwart an attack or amplify it. An example is the Google Docs attack that occurred recently. This attack propagated to a status near that of a worm in part because people were not trained to spot the issues. This talk will discuss the dynamics of creating an effective awareness program and teach practitioners how to create and run a successful internal phishing program to measure the efficiency of the training and help keep users on their toes.
Code of Conduct | Press Releases |
Get Involved | Report ISSUE / BUG |
Tickets |
The Critical Infrastructure Association of America, Inc. is a 501(c)6 Not for Profit. The mission of Critical Infrastructure Association of America is to create a membership-based, trade association of like-minded cybersecurity and closely related industry professionals that work in the field of cybersecurity. The goal is to share best practices, establish and maintain high operational standards and to educate and interact with those in the cybersecurity community within public, private and governmental sectors.