Human error is one of the most enduring weaknesses in any cybersecurity plan, which is why it's so important for professionals to stay on top of the latest tricks and tools social engineers use to slip past digital defenses.
With less than a month to go until the all-digital Black Hat USA kicks off August 1st, make sure to check out the opportunities attendees will have to sharpen their social engineering skills and deepen their understanding of the human side of cybersecurity.
Access Denied - Social Engineering and Incident Response is a great example; this 2-Day Training will teach you the core principles of preparing for a social engineering breach and ensuring detection measures are implemented to discover and report SE attacks. Over the course of two days you'll get expert step-by-step instruction on what an incident responder should do once a potential SE incident has been identified.
You'll also learn how to validate, protect, detect, respond and recover from an SE event as part of a comprehensive incident response plan that goes beyond the network and into the human heart of your enterprise.
For briefer bites of learning and skill growth have a look at the lineup of Human Factors Briefings taking place at Black Hat USA this year; each offers novel insights on the subject from a variety of perspectives. A Framework for Evaluating and Patching the Human Factor in Cybersecurity, for example, is a 40-minute Briefing intended to equip you with a new methodology and an automated, scalable and objective framework for continuously evaluating the resilience of users to specific types of social engineering attacks.
Or you could check out Mind Games: Using Data to Solve for the Human Element to learn key insights from nearly a dozen security training research studies and analysis of several dozen security behavioral change campaigns to more than 65,000 employees across industries. You'll better understand why traditional training approaches are ineffective in changing behaviors, and see why techniques such as personal relevance, social proof, leveraging intrinsic motivation, and tight-feedback loops are key factors to reduce human risk. Expect to walk away with concrete examples of how security teams can leverage these techniques to effectively reduce human risks such as phishing, malware downloads, and sensitive data handling in their own organizations.
For a fresh perspective on how understanding human behavior can help protect you online, stop by the (virtual) Black Hat USA Arsenal and check out a demo of the Decepticon bot. Designed by a social engineering expert, Decepticon is a python* based tool that connects to social media via APIs to read posts/tweets to determine patterns of posting intervals and content, then takes over to autonomously post for the user.
This unique tool is specifically designed to help people who are trying to enhance their operational security and abandon social media accounts that have been targeted, without setting off alarms to their adversaries. Use case scenarios include public figures, executives, and, most importantly — domestic violence and trafficking victims.
Register now for this year's fully virtual Black Hat USA, still scheduled to take place August 1st through 6th, and get more information about the event on the Black Hat website.