Got phished? Of course you have…whether you know it or not!
As with penetration and vulnerability testing and any other form of security assessment, you need to be performing email phishing tests on your users – all of them, including executive management – on a periodic and consistent basis. I’m doing more and more of this work and the results that I’m finding are astounding…to the point that all other security testing could be stopped and existing security technologies could be eliminated unless and until this situation is under control. I’m finding these gaping holes in IT and security programs not because I’m smart…I just use good tools and know what to do/say beyond traditional email phishing testing – which, by the way, stinks out loud in most organizations and serves as a mere checkbox item.
I’m not going to give away all of my secrets – that’s what my independent email phishing consulting services are for. But I will share with you some insight and tips that you’re probably not going to find elsewhere or that might require some painstaking “experience” to learn otherwise. Here you go:
Be sure to check out to all of my other information security resources on my website when you get a chance. Cheers!
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”