CLA provides assessments to test whether employees are providing information that can be used to hack your organization.
What’s on your mind?
- Ensuring that your employees know and understand how to protect sensitive information
- Knowing whether your administrative, physical, and technical safeguards are effective
A unique approach
CLA can conduct a social engineering assessment in either a blind or an informed testing manner. We will work with your company’s designated liaison(s) to determine areas of risk and define the approaches to test the effectiveness of your controls.
Using publicly available information (and data provided by the company during informed testing), we will use various methods to gain privileged access to sensitive data, systems, and facilities. These methods include:
- Pre-text phone calls, emails, and penetration testing
- Impersonation and facilities intrusion, by “tailgating” employees to gain access into a building
- “Seeding” (embedding small invasions that could grow)
If physical access is attained, we will attempt to:
- Obtain unsecured documents, hardware, or facility access cards
- Plant wireless access points, hardware keystroke loggers, or “seed” devices
- Utilize unoccupied spaces to connect to the internal network
- Acquire and remove document destruction boxes
Social engineering services
- Identify gaps in employee understanding and application of policies and procedures
- Identify weak or non-existent policies
- Highlight how gaps result in technical access to systems and the loss of confidentiality or integrity of information
- Offer recommendations to improve your organization’s security posture by positively affecting staff security awareness
- Collaborate with your IT team to develop a stronger internal defense
- Minimize the impact of a ransomware attack with a preparedness assessment
InsightsSee All Insights
Blog 11/7/2022Meta Pixel Privacy Concerns
Blog 10/31/2022Shadow IT and Rogue Applications
Article 10/19/2022Microsoft 365 Security — Where the Default Isn’t What You Want
Blog 10/18/2022Vendor Management – Outsourcing the Task, Not the Risk
Blog 10/13/2022Microsoft 365 Security: Is Your Organization’s Data Safe?
Blog 10/6/20222022 Cybersecurity Awareness Month at CLA!
EventsSee All Events
Event 2/14/2023 – 2/17/2023ITEXPO 2023