Overview

Although training is an integral part of any job role, it’s normally at a point in time, and the employee is primed and ready for the testing that’s conducted at the time of training. To be able to spot a cyber attack, employees need to be constantly vigilant. Security awareness training isn’t delivered in a traditional manner, so the testing must be bespoke, varied and regular.

The training is based around educating employees on cyber security hygiene and the various methods utilised in social engineering. The sophistication of attacks has evolved significantly, but in many cases, the training and testing provided doesn’t reflect this. Our security experts have the experience and breadth of knowledge to deliver a successful training programme.

Types of Social Engineering

 A strong security awareness programme needs to address basic security training in the first instance, to reduce the success of pretexting at the reconnaissance stage. To combat both insider and external malicious threats, employees need to be able to identify different types of social engineering.

  • Phishing

    A broad attack that casts a wide net, hoping to trick people into giving out information

  • Spear Phishing

    A phishing attempt targeting a specific person / job role / company

  • Whaling

    A phishing attempt targeting a specific high value person

  • Smishing and Vishing

    Smishing directs someone to click on a link in a text, while vishing is done via a phone call

  • Social Media Phishing

    Using social media to direct someone to click on a link

  • Tailgating/Piggybacking

    Tricking someone into allowing you physical access to a building/room

  • Phishing

    A broad attack that casts a wide net, hoping to trick people into giving out information

  • Spear Phishing

    A phishing attempt targeting a specific person / job role / company

  • Whaling

    A phishing attempt targeting a specific high value person

  • Smishing and Vishing

    Smishing directs someone to click on a link in a text, while vishing is done via a phone call

  • Social Media Phishing

    Using social media to direct someone to click on a link

  • Tailgating/Piggybacking

    Tricking someone into allowing you physical access to a building/room

Say goodbye to unengaging training content. By working with us at Data Connect, you can expect to have the following formats used within your training programme:

  • Customised content
  • Interactive training modules
  • Games and quizzes
  • Videos
  • Posters
  • Newsletters
  • Remediation training

Check your employees are best prepared for all eventualities with the use of various testing methods, to verify that training has been successful:

  • Phishing alert button
  • Bad link phishing simulation
  • QR code testing
  • Credential harvesting
  • Customisable landing page
  • Simulated malicious attachments
  • USB attack simulations

vSOC Aware Benefits

A successful training programme builds a strong cyber security culture within your organisation. There are many tools we can utilise, along with our practical day-to-day experience, to deliver a flexible training plan that reflects real-world events.

EXPERIENCED SECURITY TRAINERS

Our security experts are experienced at training organisations of all sizes and from different industries. They can offer ongoing support throughout the training regime and beyond.

BESPOKE PROGRAMME

The team considers your entire environment – such as departmental structure, attitude to risk, high-risk job profiles, supply chain and the nature of the business – to design a bespoke strategy.

LARGEST TRAINING LIBRARY

Have confidence that your staff can use our mixed and engaging material to learn about the new methods and trends threat actors are using to attack organisations.

REAL-WORLD SCENARIOS

Often, awareness training and phishing simulations can be outdated. However, we recognise the importance of using realistic and current phishing simulations to minimise your risk exposure.

EXTENSIVE CAMPAIGN ANALYSIS

The results of the campaign are reviewed to see who was susceptible to the attack; more targeted training can then be given to the relevant users.

POSITIVE REINFORCEMENT

To avoid employees feeling threatened during testing, positive reinforcement is at the core of our approach; for example, a phishing alert button congratulates employees who report phishing simulations.

vSOC Connect Console

Our sleek console allows you to integrate, manage and monitor all the cyber security services you’ve taken, providing you with ongoing assurance that your organisation is protected. With the vSOC Aware service, there’s a range of functions available:

  • Receive 24×7 visibility of staff statistics, departmental reports, improvement suggestions, phishing simulations and training campaigns
  • Gain access to an executive view showing your company’s overall risk score and the riskiest employees or departments, to ensure the appropriate actions can be taken
  • Find statistics for every completed training course and phishing campaign, and map the progress of your employees over time
  • If you need assistance, you can easily contact our security support team to help with your bespoke training programme, console assistance or the results of campaign analytics

 

Timeline

Baseline Testing Initial phishing attack to access the susceptible percentage of users
Training Users Using varied and interactive content, we will prompt your users to complete the recommended modules
Test Users Using a blend of simulated and physical techniques, we will test the effectiveness of the training
Analyse Results Detailed results are presented in the vSOC Connect Console and discussed with you
Adapt Approach Future campaigns will be tailored, taking into account the results, trends and high-risk job roles

Services

vSOC Assure
vSOC Alert
vSOC CERT
vSOC Manage
vSOC Recon

FAQs

Here are a few examples of what can happen if your organisation falls victim to a threat actor:

  • Malware/Ransomware
  • Data Breach
  • Supply chain attack
  • Sabotage systems
  • Stolen IP and money 
  • Reputational Damage