Social Engineering – Industrialized Exploitation of Human Helpfulness

B. Ostergaard
B. Ostergaard

Summary Bullets:

  • Helpful people are the first targets
  • Provide simple security commandments to follow under pain of dismissal

The most compelling briefings at this year’s RSA Security Conference in London were focused on how companies can make the journey from their governance, risk and compliance process and the resulting security policy to actually making it work throughout their enterprise, where getting people aligned with security is a real sticking point. It’s not that employees actually want to spill company secrets – mostly, they just want to be helpful to ‘perceived’ colleagues. How many times do we actually read error messages or listen to security warnings? How often do we reflect on the veracity of a caller who seems really nice and obviously knows a lot about the company? Continue reading “Social Engineering – Industrialized Exploitation of Human Helpfulness”