Social Engineering is the exploitation of human nature. It involves the use of deceptive or manipulative attacks on people to gain access to facilities and/or systems. Far too often, the human element is overlooked as being the weakest link in information security. Time and energy is spent on securing the technology that support organizations yet little is spent on informing employees about their expected behavior with the organization’s information assets. Social engineering is an effective test to validate an organization’s security awareness program.
- Familiarize yourself with Social Engineering Techniques used by attackers
- Learn how to combat Social Engineering attacks
- Identify key controls to implement to prevent successful attacks
About Brett DeWall and Zachary Davis
About Brett DeWall
Brett is an Senior Information Security Consultant in the CliftonLarsonAllen LLP (CliftonLarsonAllen) Information Security & Advisory Services Group. Currently Brett performs Onsite & Remote Social Engineering, Internal & External Vulnerability Assessments, and Wireless Testing. His industry experience includes financial services and non-profit.
Prior to joining CLA, Brett worked as an Internet Support Technician for one of the largest independent telecommunication providers in the nation. Brett graduated from Saint Cloud State University (SCSU) with a Bachelor of Science in Information Systems. Brett is currently certified in Offensive Security Wireless Professional (OSWP) and Offensive Security Certified Professional (OSCP).
About Zachary Davis
Zac is an Information Security Consultant at CliftonLarsonAllen LLP (CliftonLarsonAllen) in the Information Security & Advisory Services Group. Zac gained experience with enterprise resource management systems while working for a large security system manufacturer in the twin cities area.
Zac specializes in network penetration tests including Internal and External Vulnerability Assessments and Social Engineering Assessments (onsite and remote). Additionally, Zac has extensive experience in IT Auditing and Risk Assessment procedures in support of regulatory and compliance standards such as FFIEC Cybersecurity Governance, HIPAA, Sarbanes Oxley, and The NIST Framework for Improving Critical Infrastructure Cybersecurity.
Zac graduated from Saint Cloud State University with a Bachelors’ of Science in Information Systems with an emphasis in Information Security.
