“MainNerve does penetration (or “pen”) testing for companies all over the world. From one-person businesses to firms with tens of thousands of employees. The weaknesses are the same: They’re human, and they’re not expecting trouble.”
MainNerve’s Chief Security Officer, James Garcia, recently shared with the media the importance of penetration tests to thwart social engineering attempts. These white hat hacking methods are the bread and butter of MainNerve’s cybersecurity business. It can help all organizations, from one-man shops to companies with thousands of employees.
White hat hackers are computer security experts who break into protected systems or networks to identify vulnerabilities so they can be fixed before malicious (or “black hat”) hackers find them.
Penetration testing — a form of white hat hacking — is central to Springs-based MainNerve’s business, and Chief Security Officer James Garcia said phishing is its “No. 1 vector” into clients’ networks.
“We’re almost always successful on a phishing test,” he said. “It’s so successful because it’s generally easier to bypass firewalls and to get into the internal network by email. … Email is the No. 1 vehicle for transferring data, and it’s really trivial to bypass spam filters.
“Why go through a locked door when you can crawl through an open window? That’s generally what email is.”
Successful phishing goes hand in hand with social engineering — the art of manipulating people into breaking normal security procedures or giving up confidential information.
“Social engineering transcends the technical and sociological; it puts a human face on there,” Garcia said. “It’s an art … some people are naturally good at it; they have a natural inclination to try to fool people into doing things they otherwise would not do.”
MainNerve does penetration (or “pen”) testing for companies all over the world, from one-person businesses to firms with tens of thousands of employees, and the weaknesses are the same: They’re human, and they’re not expecting trouble.