CynergisTek now offers phishing and social engineering services. These services are designed to evaluate an organization’s overall susceptibility to social engineering and phishing attacks by conducting simulated insider “attacks” and comprehensive perimeter assessments that identify areas of vulnerability. CynergisTek developed phishing and social engineering services in response to the growing prevalence of these attacks on protected health information and a lack of awareness across the industry on how to prevent social engineering and phishing attacks from being successful.
Symantec’s 2014 Internet Security Threat Report revealed that spear phishing campaigns increased 91 percent in 2013. As cyber attacks continue to increase and become more sophisticated, healthcare organizations are quickly realizing the need to take action, and many are seeking expert, outsourced support. CynergisTek offers a proactive and holistic approach to assessing social engineering and phishing threats, evaluating internal processes as well as providing actionable insights and staff education to mitigate risk and prevent these attacks from having an impact.
“CynergisTek’s phishing and social engineering service was an excellent training tool for our organization,” said Joe Egan, manager of information security at Children’s Hospital Central California. “A third-party assessment of how our policies and procedures would stack up against a real threat was eye-opening, and provided us with valuable information we can leverage to continue to enhance our security posture.”
To facilitate phishing assessments, CynergisTek utilizes a combination of insider knowledge and the latest trends in phishing to achieve a realistic scenario designed to entice employees into investigating the email and handing over restricted or sensitive information. Findings from this exercise provide insight into the workforce’s ability to take a critical eye to suspicious emails, as well as deliver detailed reporting about how far into the phishing net they went, as well as what information they might have divulged should it have been a real attack.
“Social engineering and phishing attacks are becoming more commonplace across all industries, and healthcare is no exception,” said Dr. Michael Mathews, COO at CynergisTek. “There is generally a lack of understanding of these threats and how to prevent attacks, so we are happy to be providing a service that will support healthcare organizations and their business associates in protecting the integrity of their information assets.”
Click here for a complete list of CynergisTek’s technical service offerings.