Presented at
DerbyCon 1.0 (2011),
Oct. 2, 2011, noon
(50 minutes).
Social Engineering has increasingly been in the headlines lately, with several breaches over the last couple of years being attributed to this concept. Security companies have been quick to jump on this and claim they have the latest and greatest counter to social engineering. This presentation will also cover a proven way to reduce susceptibility to attacks into the single-digit percentages. This presentation will describe some of the attacks that have been successful over the years, the psychology that went into making them successful, how you can leverage the psychology of social engineering to be more successful in penetration tests, and finally, explain why the concept of social engineering may be considered fraudulent.
Presenters:
-
Jamison
Jamison graduated from the US Air Force Academy in 2001 with a degree in Social Sciences (including psychology/behavioral sciences). He has worked in information security for more than10 years, in a variety of forms. He spent 6+ years active duty in the Air Force in a variety of roles. In 2008, he graduated from the Air Force Institute of Technology with an MS in Information Resource Management. His graduate thesis was on instilling a resistance to social engineering. In 2008, he separated from the Air Force and helped found a Red Team at a major US bank. Since 2008, he has been leading Red Team assessments at this bank.
Similar Presentations: