Measure the Current Level of Security Awareness in Your Company

Letter with biohazard

Phishing test

A very realistic phishing attack carried out on your employees. Features a click-rate measurement and comparison with other companies.

Usb stick

Planted USB sticks

“Drop” a few USB sticks here and there and measure how often they’re plugged into your IT systems.

Target

Industrial espionage attacks

The premium class. We use social-engineering methods to simulate a realistic industrial espionage attack – right up to access to your crown jewels

Measure Security Awareness with the Right Instrument

Many of today’s serious cyber attacks start with a targeted phishing attack. Simulate a phishing attack on your company in order to test security awareness. The package we supply comes with a Security Check:

  • Professional design of the phishing e-mail and website.
  • Hosting for the phishing website.
  • Professional consultation at the planning stage (who ought know about the simulated phishing attack? Who must know? Will you terminate the test? If yes, when?).
  • Templates for internal communication to accompany the attack.
  • Evaluation of the click rate.
  • Ranking of the result in comparison with the average.

This type of phishing test is an ideal start to a security-awareness campaign:

  • It creates personal concern.
  • It shakes up employees and managers.
  • It delivers a key initial value for security awareness before the initiation of awareness-creation measures.

USB sticks are popular advertising tools in marketing but also among cyber criminals. Test your employees to see if they can resist the temptation. The package we supply comes with a USB Security Check:

  • Professional consultation at the planning stage (who ought to know? Who must know?).
  • Preparation of the USB sticks, which are individually tailored to your infrastructure.
  • Functionality test.
  • Measurement and evaluation of the plug-in rate.
  • Ranking of the result in comparison with the average.

This type of USB test can only measure awareness on a random basis but it nonetheless delivers clear indicators of the risk situation in your company as well as arguments for protecting USB ports.

We simulate a realistic industrial espionage attack on areas of your company that are chosen and agreed in advance. In the attack, which forms part of an assessment, we try to obtain access to confidential data and manipulate it, or to document a potential sabotage of operating facilities.

This type of assessment is usually carried out in three stages:

  1. Legal and illegal access to the company with an analysis of the effectiveness of the physical infrastructure and security services.
  2. An attack on employees using social-engineering techniques in order to obtain confidential information (e.g. usernames and passwords).
  3. Documentation of access to business-critical systems and the theft of hardware and confidential information (e.g. documents, CDs, etc.)

Simulated attacks are highly professional and carried out in close co-operation with clients. You maintain full control during the entire assessment.

The advantages for you

You receive:

  • a description of the current corporate-security situation and level of security awareness among employees and managers,
  • documentation of potentially critical weak points (with videos and photos) and ways to deal with them,
  • an excellent basis for creating awareness among managers and employees, as personal concern is significantly increased (particularly in the event of a successful attack).

Additional information is available at https://www.hvs-consulting.de.

Interested in a phishing attack or social-engineering assessment?

Then call us on (+49 89 890 63 62-0) or send us a message.