Live hacking is a great way to raise employee awareness in the short term and is great for starting an enterprise-wide awareness campaign.
What Live Hacking is?
Live hacking is a lecture format. It is often used to make employees aware to IT security issues. The speakers carry out previously selected and planned hacking scenarios. This can be quite impressive and increase the attention to IT security in the company. In the most strategically efficient way, live hacking can be done at the beginning of a company-wide awareness-raising campaign. Due to the high entertainment value, live hacking can also be a one-time infotainment talk, for example at an evening event.
Criticizing Live Hacking
In a perfect world, one live hacking would be enough and listeners will no longer use weak passwords and recognize phishing in their sleep. Unfortunately, this is not the case as it is a long way from taking up knowledge to putting it into practice. Attacker strategies often change and it is a real transfer to recognize an old fraud in new packaging. In addition, live hacking is often criticized only to show the “half truth”. Many live hackings rely too much on the “show effect” and show attacks on obsolete systems with security mechanisms disabled. This often causes panic reactions of the kind “I never use a computer again”. A reaction that should not be produced by a live hacking. A live hacking should sensitize and empower employees to define their own risk and protection level. Scare tactics and the development of resentment should not be the claim of a professional live hacking. We at AWARE7 therefore prefer to use elements of story-telling in some cases. In particular, our topics in the area of ”Social Engineering” live on it, for example, if we offer you the chance to win five euros.
How much does Live Hacking Cost?
It has been very difficult to find prices for live hacking until recently. As a result, prices and services of the providers are not really comparable. Frequently, individual offers are created so that the market is not transparent and customer-unfriendly. AWARE7 goes a new way to bring a little light into the dark. We publish our pricing structure and increase the transparency of the market. The packages Basic and Standard are especially interesting for small and medium-sized companies. The “Premium” package can be customized in such a way that the price is also determined individually. We also want to offer individual prices for charities and events, as we focus on the wide spread of knowledge for individuals in this case. A selection of non-profit companies and other partners we have supported in the past at events or in penetration testing can be found here