Reducing Your Organization's Social Engineering Attack Surface - Jen Fox (Circle City Con 2015 Videose 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)
Reducing Your Organization's Social Engineering Attack Surface
Jen Fox

Circle City Con 2015

his case study is a journey through the presenter's experience compromising Fortune-50 companies at the DefCon 21 and 22 Social Engineering Capture the Flag (SECTF) competition and other smaller targets on more recent consulting engagements. The DefCon SECTF participants competed to gather openly available information on their corporate targets both on the Internet and over the phone. Some companies put up better defenses than others. Social engineering remains a threat to companies of all sizes and industries. Verizon?s 2013 Data Breach Investigations Report cites that 29% of breaches investigated had a social engineering component. Social engineers manipulate human beings to get them to reveal information or take a particular action, such as clicking a malicious link. Information gained via social engineering is then used to gain access to information systems or sensitive data. Attendees will learn the factors that contributed to the presenter's success and how simple changes could have frustrated her intelligence gathering operations. Session participants will also learn how to detect social engineering attacks and react to them appropriately. And yes, there will be pwnage. Takeaways: Understanding of the social engineering process; Actionable tips that can be used in any company.

Bio: Jen Fox, CIPT, is a Sr. Security Consultant and governance Practice Lead at VioPoint. Her 20+ years in IT and information security includes training, usability design, business process analysis, risk management, vendor risk management, and security awareness. Specialties include information elicitation and business/technology translation. She is also a locksport enthusiast and Myers-Briggs nerd.

Back to Circle City Con 2015 Videos list



If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek