Speakers
Synopsis
This talk will cover how the devil really is in the details when it comes to exposing your organisation. Using basic OSINT techniques, this talk explores the types of seemingly innocuous details we post in our every day lives that provide adversaries with the ability to exploit or understand not just our own cyber security and cyber hygiene, but extend and expand this to build out the opportunity to compromise our corporate network. No longer (and never was) our IT environment and security controls seconded in isolation to a virtual environment. Physical security, the ability to tell a story, to talk with confidence and influence, and how this is leveraged by social engineers is still very much a vital player in our cyber security ecosystem.
The talk will look at the complimentary nature of OSINT and how it's weaponised in social engineering, covering off the core concepts associated with social engineering and the human psyche (such as trust, reciprocity, and liking) and how these are exploited by threat actors.
By connecting the dots and providing real world examples the talk will leave the audience with a better understanding about how and what adversaries will leverage from our every day digital footprint to understand our networks and bypass their security controls. Who needs to know how to hack when you can talk your way in the front door?
The talk will end by providing some key tips and takeaways for OPSEC, and highlight to the audience the enormity of information and insight into our corporate environment that can be gained from a few simple searches and posts.
