Internal Auditors and Compliance Officers were concerned that employees could unwittingly divulge sensitive information to social engineers. Because of the stringent internal control provisions of the Sarbanes-Oxley Act, it was necessary to educate employees about how to prevent social engineering.
I worked closely with the information technology and internal audit teams to determine how best to communicate to employees the strategies that social engineers use, and the ways that employees can prevent being victims. This tutorial takes a scenario-based approach to provide real-life examples of how social engineers try to obtain information, and provides examples of how employees should respond.
Because of the proprietary nature of the content, I am only able to provide limited screenshots of this project.
