WOW, this topic is so huge it took not one, but two episodes of The Help Me With HIPAA podcast to explain the carnage. Actually, the plot started right after Donna and David recorded Ep. 320, Social Engineering Tricks with William Price. Donna and David thought it would be a great idea to test the Kardon and Security FirstIT teams with a socially engineered attack.
What the heck is social engineering? Is it when an engineering student opens her first Linkedin account? No, it is the act of manipulating a person into performing actions or divulging confidential information. In simple terms, it is when a bad actor targets a person to give up information and enables the bad actors to gain even more access into personal accounts or business accounts for financial gain, harm to your reputation, etc.
In the We are under attack! – Ep 328 podcast episode, Donna and David discuss how they hired William Price to socially engineer each team and then discuss the results of the controlled attack. We are happy to report William did not get very far with either team. The security awareness training that Kardon and SecurityFirst IT has in place worked. But, if you want the inside track to how Kardon’s team reacted to the attack, listen to the HMWH Thanksgiving Team Discussion – Ep. 332. Christa, of course, jumped into action. Karla started shooting out text and emails to inform the team of the attack. Elizabeth just stopped touching her keyboard for 2 weeks. Donna was just sitting back enjoying the chaos. Take a listen for a good laugh. Oh and don’t worry, Karla sprinkles in great nuggets of ways to improve your security awareness training program.
Threats to privacy and security are everywhere. This attack on our teams was just a test run. As well as we did, there is always room for improvement. We are happy to report our security awareness training worked… this time. It only takes one misstep to fall victim to an attack. How is your training program working? Do you think your team would successfully spot and act appropriately to an attack? It’s a great idea to hire someone to do a “controlled attack” to reveal the holes in your security program or help you improve it. You would rather find out how vulnerable you are during a fake attack than a real one. Keep listening to The Help Me With HIPAA podcast for tips that can help you protect yourself, your business.