In order to build a strong and resilient security culture, organizations must address and invest in what we call the Security Triangle. This approach looks at security from three access points – People, IT Security and Physical Infrastructure. We work with organizations to evaluate the maturity and resilience of each access point because this is most certainly something that the sophisticated hacker will take the time to better understand and exploit.

Social engineering attacks are the hardest to detect as they prey on the individual’s innate desire to help. We work with organizations to build customized training that addresses the ways in which your team engage with others during the course of the business day. By educating and empowering your employees to recognize and mitigate social engineering attacks, you dramatically reduce the risks to your organization’s security, important data and revenue.

Training modules engage team members in realistic social engineering scenarios online, over the phone and in person. By determining where your employees are most susceptible, we are able to design go-forward training strategies that will ensure that the level of security awareness throughout your organization is increased.


The perception of the hacker as the social introvert locked up in a dark room cracking code is a myth. In reality, some of the most sophisticated and successful hackers are those who possess charm, influence and social magnetism. 

In most of today's sophisticated attacks, the element of social engineering is utilized as most career hackers understand that the path of leas resistance is always human.

© 2018 by the Security Culture Institute. All rights reserved.