Social Engineering Workshop 2026

Tuesday 29th September, 2026

Delivered Virtually, Zoom

Attendee Fees: Non-members: £425 (VAT Exempt), Members: £275 (VAT Exempt)

Time: 09:30 - 12:30

Duration: 3 hours

COURSE DETAILS

Timings: 9.30 -12.30 | 3 CPD hours

Social engineering, (essentially all techniques aimed at talking a target into revealing specific information or performing a specific action for illegitimate reasons) is a highly dangerous and effective tool that exploits trust and human nature for facilitating fraud, cyber crime and intellectual property theft. Combatting social engineering risk effectively should be central to any firm’s financial crime and Consumer Duty controls.

Successful social engineering attacks can leave customers defrauded or their sensitive data exposed or misused. They facilitate intellectual property theft, access to confidential trading information (leading to market abuse) and expose firms to devastating cyber attacks either from criminal gangs or “Hacktivists”.

It is generally accepted that the human element is the weakest link in any security setup, and effective social engineering exploits this with devastating consequences.

Course Overview

Understand the scope of the concept of social engineering
Understand the applicable rules, FCA Guidance, interaction with cyber security and the Consumer Duty
Understand, and be able to spot, various types of social engineering techniques and how they might be used
Know that social engineering exploits trust and what this means for your risk assessment
Learn how to think like a social engineer and apply this to your controls, policies and procedures
Understand what robust, multi-layered defences look like and their importance and value
Ensure your policies and procedures adequately support the prevention of social engineering attacks
Understand what non-FCA Guidance is available.

Agenda

Understand what social engineering is, the forms it can take and how it is used in hybrid attacks;
Develop a risk assessment approach that is appropriately sensitised to social engineering;
Start to think like a social engineer;
Develop strategies for building multi-layered defences and controls;
Understand how to create effective control frameworks that balance ;
Understand how to create and deliver effective training for staff
Changing staff mindsets – balancing controls with trust.

Trainer

The session will be delivered by Gary Pitts.

Gary has been a compliance professional for over 30 years, having started his career at Lautro and the Personal Investment Authority and including spells at Threadneedle, Henderson (managing the N2 transition), Head of Compliance at hedge fund Brevan Howard and Head of Compliance Europe, Mid-East, Africa and Japan for a boutique investment bank. Since 2013 he has run his own regulatory and training consultancy, Tetractys, with operations in the UK and Ireland. Tetractys focuses the importance of governance as the essential driver of good compliance outcomes. He delivers open and bespoke training courses and external Board effectiveness assessments alongside his consulting work. Gary has a particular interest in cyber security governance and the impact of digitisation and artificial intelligence on compliance and business processes.

Gary has held FCA controlled/senior manager functions in FSA/FCA regulated firms since 2001, has been a director of regulated companies in the UK and South Africa and is also has been a Central Bank regulated person in Ireland, as well as being a compliance officer for National Futures Association and SEC registered firms in the US. Gary is a Fellow of the Institute of Leadership, Fellow of the Chartered Management Institute and holds an MBA from the Open University Business School and Masters degrees from Oxford and London Universities. He is a practising expert witness working towards Certified Expert Witness status. He sits on the regulatory advisory board of the Journal of Securities Operations has also held a number of charity trusteeships.