Cyber-threat actors are targeting your company and getting what they want. Through the process of Social Engineering, they research information from various public and social media websites and then settle on a course of action – to target your CEO through the CEO’s administrative assistant. The cyber attackers create a fake profile on Facebook and “friend” the assistant who accepts their request. The actors then use information about the assistant’s profile to send a spear-phishing email to the assistant’s work address. Email received, link clicked, payload delivered, foothold established. Without an Incident Response Plan, your environment is wide open after that – and all because an employee didn’t have the proper information security training and awareness to guard against a cyber-threat.