Hacking the Human: Social Engineering Techniques and Security Countermeasures - Tapa dura

Full of ideas and angles that turn day-to-day security management on its head. For years the security business has ground away at technical issues that company boards don't understand...this book lays open the reality of 'real' security - the security that the CEO understands and worries about. So much about security these days is about fighting mythical hackers using ever-more expensive and poorly-understood gadgetry. As the UK's leading 'white hat' social engineer, Ian Mann has written the definitive text for anyone interested in actually protecting something. The book addresses the 'elephant in the room' that has quietly undermined so much of our efforts. In the past, this issue was used to justify not worrying about security - after all - no matter what we do with the firewalls, someone could just walk in through reception, right? This book sets that straight: Our biggest security worry can be addressed, and in a way that brings the whole subject to life. --Jon Pumfleet, Head of Information Security

Information security is about people, yet in most organizations protection remains focused on technical countermeasures. The human element is crucial in the majority of successful attacks on systems and attackers are rarely required to find technical vulnerabilities, hacking the human is usually sufficient.Ian Mann turns the black art of social engineering into an information security risk that can be understood, measured and managed effectively. The text highlights the main sources of risk from social engineering and draws on psychological models to explain the basis for human vulnerabilities. Chapters on vulnerability mapping, developing a range of protection systems and awareness training provide a practical and authoritative guide to the risks and countermeasures that are available.There is a singular lack of useful information for security and IT professionals regarding the human vulnerabilities that social engineering attacks tend to exploit. Ian Mann provides a rich mix of examples, applied research and practical solutions that will enable you to assess the level of risk in your organization; measure the strength of your current security and enhance your training and systemic countermeasures accordingly. If you are responsible for physical or information security or the protection of your business and employees from significant risk, then "Hacking the Human" is a must-read.