Security Awareness Training

Instructor-Led Course (1 days)

Course Description:    Social Engineering;

The Human Factor or the weakest link

 

This course is not specifically targeted to IT or security personnel alone but rather is designed to teach the participants the skills used by Social Engineers to facilitate the extraction of information from an organization using technical and non-technical methods.

 

Computer fraud, black-hat hacking, cyber-terrorists; these new phrases describe an innovative generation of criminals that use over-the-wire technology to attack us, steal from us and terrorize us. However the best tool in their arsenal is not new. It is only used by the most experienced, the most dangerous the boldest hackers. It is called Social Engineering which is a term that may have been coined by the Nazi’s prior to World War II. It simply means deception. Deception and the Nazi’s; the terms fit together.

 

Does it work? Can seemingly smart people be easily deceived? Kevin Mitnick, who served five years in prison for repeated hacking said in testimony before Congress on the subject of Social Engineering, “I was so successful with that attack that I rarely had to resort to a technical attack.”

 

What people fall for such an attack and who do they work for? People like the U.S. Military, Pacific Bell, and the FBI.

 

Security professionals are well aware of the danger of these attacks and of the type of individuals that do the attacking and of the techniques that can help to harden an organization against a Social Engineering attack. So the ultimate question is why? Why if these things are known do the attacks still work?

 

We contend that it is the manner in which the threat is communicated to the every day non-security, non-technology personnel that are the Social Engineer’s targets and the manner in which they are trained to prevent such an attack.

 

Upon Completion:

 

Our program is innovative and trains your people how the attacks are performed, the skills necessary to perform an attack, how to train people to identify an attack but most importantly: How to train internal targets so that the training is effective and lasts.

 

Course Benefits:   Warning!

  • This is an interactive class

  • You will need to think, react and observe.

  • You need to be introspective

  • You may have some uncomfortable moments

  • Technical Expertise may be of small value.

  • You are going to be converted into a………. "Social MatialArtist™"

 

What You Will Learn:

  • What motivates a Social Engineer
    • How you react to a threat
    • What plans you have for threats
    • The two general categories of motivation
  • Why people help Social Engineers
    • The difference between knowingly and unknowingly.
    • The difference between known and unknown
    • How we are all wired to fall for a Social Engineer
  • How to plan a Social Engineer attack.
  • How to analyze your culture
  • Why the door may need to be partially open.
  • Developing your Defense Plan
    • Getting Employee Buy-In
    • How to do Identify your Small Group Leaders
    • How to Make Them Retain the Skills!

     

Prerequisites:

  • None

Follow-on Classes:

  • CISSP - Certified Information Systems Security Professional - 5 Days

  • Security Certified Program SCNP SCNA

  • Security Architecture

  • Security Access Control & Intrusion Detection

  • ITIL Security Management

  • CWSP Certified Wireless Security Professional

The Instructor is the Key:

 

Ruben Liceaga has over a dozen industry certifications, in excess of thirty years in technology, has held senior management positions and consulted to governments and Fortune 500 companies. That makes for some interesting anecdotes but it has little if any bearing on the effectiveness of this course. What makes the course work is the other experiences that Ron has had. The other fields of study he has pursued and his unique training style and expert communication skills.

 

Ruben will tell you about his first encounter with a successful Social Engineering penetration on the battle fields of Viet Nam and how that experience stuck with him causing him to develop the strange area of interest in which he studies deception, deceptive techniques their effectiveness and prevention.

 

Ruben couples this expertise with years in front of the public, training, lecturing, selling, acting, all requiring successful communicating. He knows what works, what doesn’t, and why. His experience is both academic from countless hours of study and practical from literally thousands of hours in front of audiences.

 

You will laugh, think, be challenged, learn the subject and also learn how to teach what you learn to others.

Course Information:

 

Various sample deliverables are offered utilizing public domain templates, checklists, and forms. Templates will change continuously adapting to changes in the disaster planning and recovery industry.

 

Please note that this is not a class that will explain the very intricacies of each and every technique and template available.

 

NCS Data Systems consultants constantly revise information used in this class.

 

To enroll in the class or for further information and class schedules please contact us via training@ncsdata.net

 

 

 

 

 

 

 

 

 

copyright 2004,2005 - NCS Data Systems, LLC© -

            a Newhart Communication Services Company