Measure the information-security of your organisation

Attackers will always look for the easiest possible way into your system, and that will often be via your own employees. Through sending malicious emails or other kinds of messages, criminal infiltrators can acquire a way into your systems. Therefore, it is essential for en organisation to have good routines and training in how to properly handle this kind of social manipulation.

To measure the level of information security in an organisation, we can simulate a realistic phishing attack, where customised emails is sent out to targets within your organisation, and the number of clicks and log-ins is saved and analysed. This way, we can find out how well your organisation can withstand different types of targeted attacks. This provides us with insights about which areas the organisation should strive to improve.

These areas are covered by a phishing campaign:

• Customised email attack
• Customised fake website
• Email attack with malware
• Collection of log in details
• Analysis of details from campaigns
• A yearly plan, with multiple campaigns of varying difficulty
• Password verification, where we verify if passwords are changed afterwards
• Anonymous or detailed rapport, depending on your preferences
• Advising and suggestions concerning training and awareness towards security

In Netsecurity, we think companies should always assume that the employees could be tricked. One of the better defence mechanisms is to give our specialised team access to a computer on the inside, and let us come up with recommendations on how you can defend your system in the best possible way, even if the employees where to make mistakes. Remember: The battle is not lost when you are hacked. Only when the attacker achieves their goal.