Social Engineering

DeepSeas' Social Engineering services are expertly designed to test and strengthen the human element of your organization's security posture. Our comprehensive suite includes Email Phishing, Telephone Vishing, SMS Smishing, and Physical Social Engineering Tests/Assessments, each tailored to mimic real-world tactics used by cyber adversaries to exploit human vulnerabilities.

1. Assessment of Human Factor Security - One of the core objectives is to assess how well employees adhere to security policies and procedures when faced with real-world social engineering tactics. These engagements test the human element of security-often considered the weakest link in cybersecurity-by gauging employees' ability to recognize, resist, and respond appropriately to deceptive practices that aim to extract confidential information.
2. Improvement of Security Awareness and Training - Social engineering engagements serve as both a test of current security training effectiveness and a powerful form of ongoing education. By exposing employees to controlled, realistic attack scenarios, organizations can highlight vulnerabilities within their workforce and identify specific areas where cybersecurity training needs improvement. The immediate feedback from these exercises helps reinforce good security practices and educates employees on the importance of vigilance against social engineering threats.
3. Identification and Mitigation of Risks - These engagements help organizations identify vulnerabilities in their current security protocols that could be exploited by attackers. By understanding how employees react to different types of social engineering attacks, organizations can better tailor their security strategies, implement stronger controls, and adjust their policies to mitigate these risks. This proactive approach helps prevent potential breaches, safeguarding sensitive information and reducing the likelihood of costly security incidents.

• The Client shall have five (5) business days from receiving a Deliverable provided by DeepSeas to review, evaluate, and provide feedback or acceptance. The Deliverable shall be deemed accepted if DeepSeas receives no written approval or rejection.

1. Services will be delivered remotely unless otherwise defined.
2. All work to be scheduled during DeepSeas normal business hours unless otherwise defined.
3. Delivery delays caused by circumstances beyond the control of DeepSeas are not covered under this proposal and are subject to a Change Order.
4. DeepSeas' standard lead time for testing is 60 calendar days. This allows us to ensure appropriate resource allocation, planning, and quality delivery across all client engagements. Requests for an earlier testing start date may be accommodated on a case-by-case basis, pending team availability. If approved, such requests will require the purchase of our Accelerated Delivery option, which includes a prioritized testing schedule and expedited internal processing.

• Provide signed approval on the agreed to Rule of Engagement document.
• Work with DeepSeas consultants to schedule the execution of the activities associated with the contracted services in a way that does not impact the client's essential services of its daily operations.
• Attend meetings and working sessions scheduled by DeepSeas, which include, but are not limited to:
  • Kick-off
  • Request for requirements
  • Clarification of doubts and understanding of requirements
  • Project monitoring
  • Project deviations
  • Partial project deliveries
  • Final project deliveries
• Assess and accept the risk factors that harm the correct execution of the contracted services identified by DeepSeas.
• Internal coordination of meetings with internal stakeholders (of the client) that must be involved or notified of the testing activities.
• Delivery of requirements requested by DeepSeas for the correct execution of the activities of the services contracted and defined.
• Assist or delegate to third parties the attendance at the work sessions coordinated by DeepSeas for the execution, investigation, assessments, and delivery of activities associated with the contracted services.
• Acceptance of draft or final reports by DeepSeas.