Hacking the Human: Social Engineering Techniques and Security Countermeasures
Information security is about people, yet in most organizations protection remains focused on technical countermeasures. The human element is crucial in the majority of successful attacks on systems and attackers are rarely required to find technical vulnerabilities, hacking the human is usually sufficient. Ian Mann turns the black art of social engineering into an information security risk that can be understood, measured and managed effectively. The text highlights the main sources of risk from social engineering and draws on psychological models to explain the basis for human vulnerabilities. Chapters on vulnerability mapping, developing a range of protection systems and awareness training provide a practical and authoritative guide to the risks and countermeasures that are available. There is a singular lack of useful information for security and IT professionals regarding the human vulnerabilities that social engineering attacks tend to exploit. Ian Mann provides a rich mix of examples, applied research and practical solutions that will enable you to assess the level of risk in your organization; measure the strength of your current security and enhance your training and systemic countermeasures accordingly. If you are responsible for physical or information security or the protection of your business and employees from significant risk, then Hacking the Human is a must-read.
What people are saying - Write a review
We haven't found any reviews in the usual places.
Other editions - View all
aacker access control activities addition aention analysis approach areas audit authentication badge bank BankY beer behaviour biometric bypass challenge CHAPTER classification client cold reading confidential conscious brain credit card CriticalX Derren Brown detect develop document easy effective elements employees example executives exploit explore gain geing give HackerZ hacking helpdesk human vulnerabilities hypnosis identify incident individuals information security risk interesting ISBN John Grinder Johnny JohnnyT leer lile login look mapping mind Neuro-Linguistic Programming online banking organization passwords Payment Card Industry personality profiling phishing potential question rapport receptionist remember Richard Bandler risk assessment role Sarah Sarah Clark security countermeasures security guards senior managers simple social engineering aack social engineering techniques social engineering testing someone soware staff strategy subconscious target technical threat Transactional Analysis trick two-factor authentication understand users usually weaknesses whilst