One of SureCloud’s core services is penetration testing. A large part of this involves our expert consultants probing clients’ networks looking for vulnerabilities that can be exploited in order to steal data, install malware or launch a ransomware attack. This ranges from the highly technical through to simple deception techniques, such as a phishing email to see how employees respond.
However, while much of the conversation within businesses focusses on the tools of cyber-attacks, another crucial component of any penetration test is social engineering. That is to say, undertaking physical reconnaissance of a business, trying to gain access to offices to gather intelligence for a plausible guise for a subsequent cyber-attack, obtain credentials, or gain access to the IT infrastructure from within the building.
To achieve this, the focus shifts away from the tools and onto people, requiring high-levels of manipulation and deception to successfully reach your goal. In essence, it is about hacking people, using psychology to gather intelligence and compromise an organization. But what does this look like, what does it entail and how is it orchestrated?
This will be the topic of a presentation from our very own Sarka Pekarova to be given at BSides Manchester this Thursday (16th August 2018), one of the UK’s leading hacker and cybersecurity conferences. The event is inclusive for everyone in the InfoSec community and organized by a handful of dedicated security professionals volunteers who give up their own time, skills and knowledge for free.
Taking place at 11.30 and titled ‘Social Engineering: Tales of the Pirate Queen’, Sarka’s presentation will talk through the psychology of a social engineering attack and how the tips and tricks she uses to probe organizations security postures.
To find out more about the BSides conference or book tickets please click here.
Learn more about our Cybersecurity Services here.
Sarka is one of the Penetration testers of SureCloud’s cybersecurity practice. Sarka previously worked as Network Rail’s security operations center engineer and later managed the same team. In roles prior to this, she worked at Fortinet and European ISP, Interoute.
Recognised by Gartner as an IRM (integrated risk management) solutions provider, SureCloud is a growing business with over 12 years’ experience, 400+ customers and a GRC (governance, risk, and compliance) renewal rate of 98%. Unlike enterprise platforms or point solution providers that force you to make technology decisions that change your business process, SureCloud is cloud-based software that flexes to your way of working. Built on a highly configurable platform, SureCloud is simple, intuitive and flexible technology that compliments process in your organization.