This is a 2-3 hour security awareness session for both non-technical and technical employees, combined with round-the-table discussions and live 'user-friendly' hacking demos.
The focus is on uninformed users who can do harm to a company's network by responding to phishing e-mails, opening documents from untrusted media, visiting websites infected with malware, storing their login information in unsecured locations, and even giving out sensitive information over the phone. We also discuss the importance of strong password policies, pass-sentences, and two-factor authentication methods.
At the end of the session, the students should be able to understand the risks involved with social engineering and other client-side attacks, and how to act when confronted with such attacks. The students will appreciate your password policy, and will learn how to deal with it!
Included in this awareness session are 2 e-mail spear phishing campaigns...