Leipzig, 17.02.2022: Cybersecurity awareness specialists, Increase Your Skills, have launched a modern solution to address the continued problem of phishing attacks against companies. The solution, a Phishing Initial Audit, allows companies to highlight the security awareness gaps present within the company and respond to them before an actual attack occurs. The audit is a suitable solution for any company that faces the ever-increasing challenges of adapting to digitalised globalisation, from SMEs to large corporations.

Phishing Initial Audit increases the cybersecurity of international companies

One of the first companies to experience the benefits of the Phishing Initial Audit has been Breitenfeld Edelstahl AG. The audit has made it possible for the company to identify weak spots in security awareness and take appropriate measures to rectify them. Breitenfeld Edelstahl AG is a leading player in the steel industry that faces various problems associated with digitalised globalisation. Providing internet security and recognising IT vulnerabilities are among the most fundamental factors leading to the success or failure of a company.

The audit allowed Breitenfeld Edelstahl AG to visualise where shortcomings in security awareness knowledge existed and to implement corrective measures directly:

“Through the Phishing Initial Audit, we were finally able to measure the level of security awareness within our company easily. One meeting, and we were ready to go. Through the OSINT engine, we conducted very realistic spear phishing attacks and stimulated a lively exchange among staff on the topic of phishing. We were able to directly identify and influence an IT vulnerability live during the campaign,” said Simon Pucher, Head of Information Technology at Breitenfeld Edelstahl AG.

What is phishing?

Due to the ever-increasing nature of digitalisation, every company will sooner or later become a victim of a phishing attack. Fake emails, messages or even malicious websites are used to steal company data that can lead to total system paralysis (through so-called ransomware) or be used to gain access to other systems by using stolen company information (e.g. bank data, etc.).

What is the Phishing Initial Audit?

The Phishing Initial Audit creates targeted simulated attacks tailored to each company's requirements. Firstly, an action plan is drawn up and an interview is held, where decisions are made about which kind of phishing scenarios will be created. The Phishing Initial Audit software simulates these attacks via email, with the company can measure various KPIs, which are used to identify the threats. To simulate as realistic an attack as possible, various online sources where the company has a presence - such as social media - are analysed for information.

It is important not only to detect technical gaps and potential attacks but to also educate employees at every level about the potential dangers.

As recently as October 2021, the city of Witten (NRW) was paralysed by a cyberattack, with many municipal appointments and tasks having to be cancelled or rescheduled. It was suspected that malware had entered the network through an employee clicking on a phishing email.¹

For more information on Increase Your Skills’ phishing simulation, see Increase Your Skills | Phishing Attack Simulator or visit the company’s LinkedIn page.

_{¹ Hacker attack completely paralyses city of Witten - numerous services unavailable}

^{Image source: Trainees at Breitenfeld Edelstahl AG | Copyright: Stefan Nadrag}