Manage episode 159597525 series 133473
Chris Hadnagy specializes in understanding how malicious attackers exploit human communication and trust to obtain access to information and resources through manipulation and deceit. His goal is to secure companies by educating them on the methods used by attackers, identifying vulnerabilities, and mitigating issues through appropriate levels of awareness and security. Chris, is the founder and CEO of Social-Engineer. Chris possesses over 16 years experience as a practitioner and researcher in the security field. His efforts in training, education, and awareness have helped to expose social engineering as the top threat to the security of organizations today. What I found fascinating from Chris' bio is that he is a certified Expert Level graduate of Dr. Paul Ekman's Micro Expressions courses, having made the study of non-verbal behaviors one of his specialties. He established the world's first social engineering penetration testing framework at www.social-engineer.org, providing an invaluable repository of information for security professionals and enthusiasts. That site grew into a dynamic web resource including a podcast and newsletter, which have become staples in the security industry and are referenced by large organizations around the world. Chris also created the first hands-on social engineering training course and certification, Advanced Practical Social Engineering. A sought-after writer and speaker, Chris has spoken and trained at events such as RSA, Black Hat, and various presentations for corporate and government clients. Chris is also the best-selling author of three books My favorite was - Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails, which is his latest that I read. You can access all the link to his books, website, etc. at www.redzonetech.net/podcastsMajor take – aways from this episode are:
- Reminder: you can download the transcript of the entire interview at redzonetech.net/podcast.
- A classic story of a Social Engineering hack that Chris did is at the 12 minute mark; it is a great example that will remind you of what you need to do to train employees.
- The importance of the brain and amygdala as it relates to IT Security.
- The importance of the psychology of security.
- The importance of non-verbal facial expression and body language.
- How to trigger empathy and compassion in a target which really shows how this method is so effective.
- The role of mirror neurons.
- You will understand the brain and how it reacts to fear, emotion, and danger in relation to social engineering hacks.
- @ 35 minutes learn about What is a BEC Scam – Business Email Compromise and how to avoid it.
- The difference between Whaling, Vishing, and Phishing.
I have linked up all the show notes on redzonetech.net/podcast when you can get access to Chris Hadnagy’s books and publications.
Read full transcript here.How to get in touch with Chris Hadnagy
- Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails
- Unmasking the Social Engineer: The Human Element of Security
- Social Engineering: The Art of Human Hacking
- Published Articles
- Paul Ekman, Emotions Revealed and other books
- Daniel Goldman
- Amy Cuddy, Presence
- Dr. Ellen Langer, On Becoming An Artist
- Verizon DBI Report
This episode is sponsored by the CIO Scoreboard, a powerful tool that helps you communicate the status of your IT Security program visually in just a few minutes.
Credits: * Outro music provided by Ben’s Sound
Leave a Review If you enjoyed this episode, then please consider leaving an iTunes review here
Click here for instructions on how to leave an iTunes review if you're doing this for the first time.
104 episodes available. A new episode about every 18 days averaging 49 mins duration .