INTERNAL THREATS & SOCIAL ENGINEERING

This course looks at the methods and tricks used by professional hackers to manipulate employees into giving away information. Intruders use certain methods to find loopholes in technical defences and surreptitiously gain entry to companies.

BACK TO SECURITY-TRAININGS
  • People – a potential weakness: security course on social engineering

    Training objectives & content

    Information technology is used in so many different areas, and we have become so dependent on computers that we’ve unwittingly opened the door to new kinds of criminals and new kinds of aggressive intrusions. The threats faced by companies are no longer just sophisticated technical attacks from outside. Professional intruders now use attack vectors to cunningly manipulate company workers. To protect themselves from sophisticated attacks, companies need to be aware of the changing nature of threats and adapt their protective mechanisms accordingly.

    The aim of this course is to provide participants with an overview of threats, how intruders operate and the tools and tricks they use. Course participants will be provided with the information they need to make effective and efficient decisions regarding protective measures. To demonstrate how attacks work in practice, the course focuses on social engineering attack vectors, also sharing measures that can be introduced to protect firms from such scenarios.

    •   
    •   
    •   
    •   
    •   
    KNOWING HOW IT’S DONE

    Whether its certification training you need or an individual workshop, you always benefit from the full advantages of our know-how. We will design the right training to match your needs, for you (individually) as an expert, or as an exclusive in-house course for your company. Our experts offer all courses in German and English.

    Smilja Mateja, Training Coordination

    Key areas

    • The training begins with details of current intrusion statistics.
    • Course participants will be introduced to different groups of attackers likely to present a threat to the security of companies and organisations. This allows you to gain a fundamental understanding of the principal people of threat and what motivates them.
    • The problems and limitations of investigations by the authorities will be examined, as well as criminal prosecution.
    • Participants will be shown the key goals of securing data protection and will be introduced to protection goals from the standpoint of intruders.
    • Participants will learn the distinctions between external and internal perpetrators. You will look at different ways to deal with internal perpetrators (ERROR & FRAUD) and gain an overview of the methods used by professional attackers – so-called social engineering.
    • Course participants will be shown the nature of social engineering and how it works. Actual examples of social engineering in practice will be used, including a discussion of protective measures.
    • Tools and tricks will be introduced, looking at how they are used in connection with social engineering measures.

    TARGET GROUP OF THE SOCIAL ENGINEERING COURSE

    Managers, decision-makers and security officers

    • who need comprehensive insights into threatening scenarios and defence strategies for dealing with internal threats
    • who will be responsible for a company’s security measures

    Book early to receive an early-bird discount or apply for a group discount on course fees.

    Extra value

    LEARNING IN A PLEASANT AND FRIENDLY ATMOSPHERE

    We look forward to welcoming you to our training courses. To make it easier for you to concentrate on your course, we do everything we can to make your stay as pleasant as possible. 

    If your course lasts more than four days, we would be delighted to invite you out for the evening. This is also a useful opportunity to discuss what you have learnt or experienced with other course participants and forge friendships.

    UNIVERSITY OF STUTTGART

    Is cybersecurity a realistic goal with so many network and new connectivity solutions around? Dr Thomas Liedtke looks at this topic as part of a round-robin seminar at the software and automation forum at Stuttgart University.

    INTERESTED IN FINDING OUT MORE?

     

    WHAT THE NEW YORK TIMES SAYS ABOUT AUTOMOTIVE SECURITY

    How does automotive security work in practice if connected vehicles are basically computers on wheels? This was the question posed by the New York Times. Automotive security expert Steve Tengler, Principal at Kugler Maag Cie, digs deeper.

    INTERESTED IN FINDING OUT MORE?

    THREE KEY QUESTIONS ON CYBERSECURITY

    HOW DO I STAY ON THE SAFE SIDE? Which tasks should my company take on and which tasks can I trust business partners to take care of? At wardsauto.com (third-party website), Steve Tengler, principal and automotive expert at Kugler Maag Cie in the United States, discusses who should hold the hot potato, and the conflicting interests of security solutions.

    INTERESTED IN FINDING OUT MORE?

    Process & organisation

    Information on the training programme

    Some courses take place several times a year as classroom training sessions. Others are only offered as in-house training.

    To make a binding reservation, book directly through the website or send us an order. We will confirm course dates as soon as we have received a minimum number of reservations. You will be sent all required information on course arrangements in advance. Fees include digital course materials, and, if you come to our sites, lunch and refreshments during breaks.

    Most of our courses can also be booked as in-house training sessions. Our instructors will be happy to travel directly to your place of work and train your teams on site. We can also mix and match the content of in-house courses and take a particular situation affecting your projects into account. We will be happy to write a concept proposal for your specific training requirements.

    All courses outlined in our training programme can be held in German or English. Our training materials are written in English.

    You will receive the training documents as a PDF. We recommend that you have your notebook or tablet with you during the course.

    Training package: Seminar skills and attractive discounts

    • 10% early-bird booking discount if you register six or more weeks before a training session.
    • 10% group discount if you register more than one participant from your company for the same course.

    Want to save even more? Discounts can be combined for the same course.

    These conditions do not apply to VDA examination fees for Automotive SPICE® assessor training sessions or the Scaled Agile, Inc. fee for SAFe training.

    We strongly recommend that you have the appropriate ISO standards at hand for and during the exam, and of course during your further work.

    For the Cybersecurity Engineer training (TÜV Nord) this concerns ISO/SAE 21434, for the Functional Safety Engineer course (TÜV Rheinland) the safety standard ISO 26262. For Automotive SPICE® training, however, you will receive the model in the form of our original pocket guide.

    For legal reasons, we are unfortunately not authorized to provide you with a copy of ISO standards. Please ask your employer if you can obtain the respective standard there.

    Conditions of participation

    For courses in our seminar rooms, the fees include digital course materials, lunch and refreshments during breaks per person.

    Our services will be invoiced before beginning of training course.

    Terms of payment: 10 days net. In case of late payment late interest will be charged in accordance with current BGB regulations, in particular §288 BGB (German Civil Code).

    This offer is only open to companies or registered tradespersons. All fees are subject to current sales tax and must be paid on receipt of invoice. Early-bird and group discounts will be subtracted as necessary from invoices.

    We will confirm receipt of your registration. Registrations can be cancelled without penalty up to 6 weeks before each individual event; after that the following rules apply:

    • 6 weeks to 4 weeks before the start of the event = 10%. 
    • 4 weeks to 7 days before the event = 50%.
    • Fees will not be refunded if you cancel a course less than a week before an event.

    We will gladly accept a substitute participant at no additional cost. 

    All courses may be subject to change due to unforeseen circumstances.

    We charge the examination fees of third parties (such as VDC QMC and Scaled Agile Inc. as well as TÜV Rheinland and TÜV Nord) on their behalf. Such fees are not eligible for a discount.

    Your personal information will be stored by KUGLER MAAG CIE GmbH in order to organise the event. By registering for a course you also agree to us contacting you by fax, email or telephone. If you do not wish to consent to us using your information in this way, please send us a message or get in touch. You have the right to withdraw your consent to this arrangement at any time.

    If you take part in an examination with a third-party provider such as the VDA QMC and Scaled Agile Inc. as well as TÜV Rheinland and TÜV Nord, we will pass on the necessary data to the respective provider.

    DATA PROTECTION