Tailored Security Awareness Briefings (Cyber/Physical)
With decades of experience in education and training at all levels, we can design an appropriate program for your employees that is both engaging and informative. It is important to note security has two sides, physical and cyber. Some of the basic concepts apply to both, but they become very different quickly. The most requested training programs involve email-based threats, phishing, spear phishing, ransomware and social engineering.
Cyber Security Awareness
“Bad” guys are extremely adept at “hacking” the human. They prey on human error, which is often times unwitting. Through training Arruda Group attempts to change employee behavior and build a security focused culture, one in which employees understand what is at stake. This training seeks to educate employees on current Cyber Threats such as Ransomware, Business Email Compromise, Credential Stuffing, and Social Engineering. The solution to this problem is not purely a technical one, employee training is the best return on investment with regard to Cyber Security spending.
Hidden Social Media Threat
Social Media fuels Cyber Crime!!! As a society, we live our lives on Social Media and the criminals take full advantage of this. Learn how, terrorists, criminals, and spies, “bad guys” take the seemingly innocuous information your employees post online and use it to compromise your company’s network. Specifically, you will see how these “bad guys” are able to take this information to create infected emails/documents that will be opened. In these instances, it does not matter how robust your IT budget is, because the offender has totally bypassed it.
Social Media Vulnerability Assessment (SMVA)
We analyze an organization’s Internet presence, including employee Social Media, through the lens of a “bad” guy to show how they can use this information to break into the organization. The findings are assimilated in a training session for the organization. This approach has been very successful in educating employees on the threat associated with social media and email. It has sparked a number of policy discussions at different organizations.
C-Suite Cyber Education
The first order of business for the C-Suite and the Board is to explain the rolls of the CTO and the CISO. They are two completely different individuals. One is responsible for technology and the latter security. Their jobs may overlap in some places, but that is where it ends. The next point is it is no longer if your network is compromised, it is when you discover the compromise. Our roll is not to create cyber security experts, but to educate the C-Suite on the reality of cyber threat.