Contrasting Traits Between A Social Engineer & A Sociopath

Presented at THOTCON 0x5 (2014), April 25, 2014, 4 p.m. (20 minutes).

A sociopath is defined as a person with a personality disorder manifesting itself in extreme antisocial attitudes and behavior and a lack of conscience. Sociopaths show a pervasive pattern of disregard for the rights and feelings of others. While it's common to think of sociopaths as criminals, even killers, such behavior is not essential to the diagnosis of a sociopath. A social engineer, in the context of information security, refers to the security professional using the psychological manipulation of people into performing actions, divulging confidential information, or allowing access to systems. Social Engineering uses manipulation and deception to get what is wanted. In many cases this is directed by media to gain information that has not been made public or even worse, by a competitor or adversary to gather your trade secrets, proprietary processes, confidential information and the like. Social engineers often rely on the natural helpfulness of people as well as on their weaknesses. In psychology, personality is defined as a person’s relatively stable feelings, thoughts, and behavioral patterns. By this definition, the traits in a person are predominantly determined by inheritance, social and environmental influence, and experience, and are therefore unique for every individual. This paper is intending to identify, compare, and then expand upon key traits in both types of personality, specifically focusing on where the social engineer and ultimately the people (companies) should direct efforts of training and awareness program development.


Presenters:

  • Jeff Singleton
    Jeff Singleton an experienced Information Security professional with an outstanding background in testing for security weaknesses via several facets, ranging from web applications, too perimeter or edge security for corporate networks, and wireless security monitoring, investigation, and mitigation. Jeff has a proven track record overseeing and managing all facets of Operating System security, excellent computer skills with extensive technical background, adept in risk assessment, project management, and security audits (Penetration Testing), and am able to build productive working relationships with coworkers, vendors, and clientele. He also have a strong education background, including a Bachelors of Science in Information Security combined with over 20 years of experience in Information Technology, Security, and Assurance.

Similar Presentations: