“If a tree falls in a forest and no one is around to hear it, does it make a sound?” You probably know this question. It’s a philosophical thought experiment questioning observation and knowledge of reality. There is a similar gedankenexperiment for information security: “If your organisation receives a spear phishing e-mail and no one is around to read it, does it create a security breach?”
Communication is essential for everyone these days. If you run a business, you are forced to deal with communication on a daily basis. This didn’t start with the Internet. The telephone was first, and before there were letters and all kinds of ways to relay word from A to B. It’s a good idea to go back in time to avoid being distracted by technology but Trojan Horses started out pretty analogue. Now they are digital, but they still serve the same purpose: to manipulate people and to benefit from fraud. You can still hack a company’s security by talking to people or dressing up in costume (and in many many other ways). Social interaction is the key, or social engineering to use the modern term.
It’s easy to buy gadgets with a security purpose and to counter threats that can be easily identified. Firewalls can block ports or inspect content for malicious code, but you cannot block social interaction. Not picking up the phone or not reading e-mails may have worked for the Bastard Operator from Hell, but it won’t work in the real world. However you can be aware of attempts of social apt adversaries and gently divert their efforts away from your organisation. Once you know what to look out for, you can change your habits and defend yourself from manipulation while staying polite. Fortunately you don’t have to learn this on your own. At DeepSec 2013 you can be trained in the art of recognising deception and ward off social attacks. Sharon Conheady and Martin Law are masters of the mind and will show you what can happen to the unwary person when professional social engineers practice their craft. We offer you a one-time only one day workshop which will change your life and hopefully your mindset. You can’t firewall malicious social interaction, you have to counter it at the social level, too.
About the free ticket, please register at the booking web site, and attend the workshop. Free tickets are only available on-site at the conference. 😉