Many social engineering talks focus on the exploitation of trust
relationships and the resulting compromise of corporate and personal assets.
However, what happens after the pwnage is done? This session opens with the aftermath of a successful social
engineering incident on a major automotive financing company. Attendees will
learn of the methodical analysis of the interactions which led to the compromise
of customer information, as well as employee and executive network credentials.
The case study also illustrates how this organization was able to use the
forensic analysis of social interactions to enhance its customer service
business processes. This information was used to engage employees in protecting
information with the associated business processes. Most importantly, the
customer care process was transformed such that it was able to frustrate social
engineers and enhance the experience of their customers.

Attendees will learn:

- How the incident response team used log information and incident investigation to determine the social nature of this incident.
- How the incident response team employed Open Source Intelligence techniques to profile the social attack surface, narrowing the focus of their investigation.
- How the incident response team worked with management to modify business processes to be resilient in the face of social exploits.

BIO: Steven F. Fox offers security guidance to
ensure compliance with Federal standards and requirements as a Sr. Security
Architecture and Engineering Advisor for the U.S. Treasury. He also contributes
to multiple working groups including the IPv6 transition team, Developer
Security Testing workgroup, and the Security and Privacy workgroup. Mr. Fox
brings a cross-disciplinary perspective to the practice of information security;
combining his experience as a security consultant, a Sr. IT Auditor and a
systems engineer with principles from behavioral/organizational psychology to
address security challenges. He has performed security services including
risk/vulnerability/penetration testing assessments, incident response planning,
PCI DSS services, and social engineering. Steven is a syndicated blogger
covering IT Governance, Risk Management, and IT-Business fusion topics. His
speaking engagements include ISSA and ISACA events, SecureWorld Dallas/Detroit,
Hacker Halted, Security B-Sides Chicago/Detroit/Las Vegas, and GrrCon. He also
volunteers his time to the Ponemon Institute, Security BSides Detroit and the
MichSec security organization.
Copyright 2020, IronGeek