Cyber Awareness, Education & Training (CAET)

The modern cyber threat continues to evolve, developing new methodologies to target and disrupt legitimate business operations. To meet the challenge of the evolving threat landscape; commercial organisation must raise awareness of cyber issues with their management and workforce; educate on how to deal with the threat and provide simple and practical training that reinforces education.

By providing employees Cyber Awareness, Education & Training, you create a positive and proactive cyber culture that forms your last line of defence.

“Forewarned, forearmed;

to be prepared is half the victory”

– Miguel de Cervantes

The Diamond Cyber Security (DCS) Cyber AET offering covers a range of services; from executive training for Boards and C level through to Social Engineering Resilience training for your workforce.

DCS recognises that it is not only technology that can be exploited by an attacker, people are often the weakest element of a cyber defence. Using social engineering simulations coupled with awareness and education packages, organisations can raise their level of cyber maturity, better preparing themselves to combat the threat of cyber-attack.

Our AET services cover:

  • Executive Training Packages
  • Social Engineering Resilience Training & Assessment

Services

Executive Training

Cyber security is a ‘whole of business’ challenge, which requires coordinated action to ensure business continuity. Boards and executive management teams must be exposed to the growing threat, and be armed with the knowledge and skills to guide their organisations in times of cyber crisis.

DCS constructs bespoke training packages aimed at raising the cyber maturity of senior business leaders. The key themes that are explored in this training are:

  • Cyber Threat Tactics, Techniques & Procedures,
  • Threat Centric Risk
Penetration Testing Perth

Cyber Threat Tactics, Techniques & Procedures

To know how to defend their organisations, business leaders must understand the concepts involved in a cyber-attack. By gaining an understanding of the tactics, techniques and procedures of cyber threat actors, senior leadership is better able to apply their experience and knowledge to this emerging business problem.

Threat Centric Risk

The cyber threat is dynamic and complex, it represents a challenge to business that is unique. To defeat an evolved threat, business leaders thinking must also evolve.

The solution therefor lies in Threat Centric Risk, a methodology learned from the operational experience of DCS founding members.

Cyber Security Intelligence

Social Engineering Resilience

Social engineering, in the context of cyber security, refers to the psychological manipulation of people into performing actions or divulging confidential information. It is one of the key attack vectors used by threat actors early in an attack sequence. In the cyber context, the primary tool in the tool-set is broad, covering a range of methods, including spear phishing, voice fraud, and baiting & tailgating.

The DCS Social Engineering Resilience Package uses these techniques to baseline and further test an organisations resistance to social engineering vectors. The benefit in this experiential learning is seen immediately through the metrics generated by the DCS platform.  A company can measure the success of its cyber education program based on the reporting provided by DCS.

Our methods:

Spear Phishing

To ensure a realistic spear phishing campaign, extensive discovery is undertaken and tailor made for each client. The simulation program starts with non-targeted generic emails, escalating through to highly bespoke, crafted spear phishing attacks to mirror a real world escalation of threat.

Penetration Testing Perth

Voice and SMS Fraud

Similar in concept to spear phishing, voice and SMS fraud focuses on phone interaction rather than email or social networking sites in order to gain information through coercion and impersonation.

Baiting & Tailgating

Based around the allure of free items, baiting is the act of directly or indirectly providing free items in hope they will be connected to a business terminal.

Tailgating is one of the hardest simulations due to its bold nature, involving the physical penetration of a client’s office space.

Applied with care, they are an advanced test of social engineering defence.

Advanced Reporting

The Social Engineering Resilience Package provides metrics on all aspects of a phishing and voice fraud campaign, enabling client organisations to measure the increasing maturity of their organisation.

Reporting metrics for each testing iteration and across the entire campaign, include:

  • Emails opened
  • Links clicked
  • Data gathered
  • Attachments downloaded