The main object subjected to verification under the above tests is the so-called weakest link of each security system, that is, a regular employee. The test results will answer to a series of key questions. Does the staff know and uses good practices related to the processing of confidential company information? Does the staff use the Internet in a reasonable way while maintaining an appropriate vigilance? Can the staff recognise the most popular modes of cybercriminals’ action?
Aside from the indication of shortcomings in the above matter, the main purpose of these tests is to create a grounds for the construction of an employee team that is aware of threats, educated, and resistant to external attacks and the risk of financial losses related to the said attacks.