People are considered the weakest link in cyber security. Organisations are constantly targeting by attackers/hackers to trick and deceive people into revealing sensitive information such as passwords or installing malware such as ransomware.
Recent statistics show phishing threats continue to rise. Since 2019, the number of phishing attacks has grown by 150% percent per year—with the Anti-Phishing Working Group (APWG) reporting an all-time high for phishing in 2022, logging more than 4.7 million phishing sites. According to Proofpoint, 84% of organizations in 2022 experienced at least one successful phishing attack.
Our phishing exercise will test your organisation’s ability to recognise and responds to a phishing attack. We will design a phishing programme to trick your people (including senior management and their executive assistants) into downloading malware such as ransomware, revealing confidential and sensitive information (such as usernames, password, or credit/debit card details), or making a financial transaction to the wrong recipients.
We will establish and deliver mandatory information security and privacy training considering
the evolving threats and risks to your organisation including:
Our roles specific trainings (including the Board of Directors) are aimed to provide the relevant level of IT, information security and privacy skills and knowledge required for the role of the person/s being trained to fulfil their obligations effectively and securely.
Our Training, Education and Awareness programme are tracked and compliance metrics
reported through relevant governance and must include the following as a minimum:
🗸 % of people who have successfully completed information security and privacy
mandatory training;
🗸 % Phishing emails responded to (attachment opened, linked clicked);
🗸 % Phishing emails reported;
🗸 Number of suspicious emails reported (whether malicious or not);
🗸 Number of incidents (including security) reported;
🗸 % of Information Security and IT staff whose information security knowledge and skills have been assessed as satisfying the requirements of their role.
London Risk Consulting Group Limited, a company registered in England and Wales.
Company Registration No: 10180813 | VAT Registration No: 241696984 | Registered Office: 85 Great Portland Street, First Floor, London, England, W1W 7LT