SlideShare a Scribd company logo

Seductive security - Art of seduction

b coatesworth
b coatesworth

The art of seduction, looking how behavior psychology can influence the perception of information security. How cialdini principles of influence are used in phishing attacks, and viral marketing.

Technology
1 of 32
Download to read offline
The perception of information security in a modern business.
Behaviour F I N A N C E T E L E C O M M S H E A L T H C A R E R E T A I L T E C H N O L O G Y D E F E N C E Users Human behaviour
Human engineering Carnegie Institute of Technology 85 per cent of your success is due to skills in “human engineering,” your personality and ability to communicate, negotiate, and lead. only 15 per cent is due to technical knowledge.
User experience...
5 Effective security changes peoples behaviour in a subtle way. Behavioural psychology is becoming even more important for security practitioners, helping to influence executive decisions, and also to change peoples perspectives around security, and its misconceptions. Ultimately reducing risk, increasing value, and saving time. You need to win hearts and minds. To do that, think differently… Security Perception
Challenging Stereotypes
7 Survival of the fittest Information Security just like the business or brand it protects, must evolve and become best “fitted,” or best “adapted,” to its environment for it to survive, and help the business to grow. The evolution of security AGILEFLEXIBLE ADAPT OR DIE ADAPTABLE BOLD
Fortress Mentality STATIC SLOW INEFFICIENT
Flexible Framework AGILE ADAPTABLE EVOLVING
Security as a brand
11 Security PR – spin doctors By making security engaging, it gains more acceptance. Security should be a positive experience for the majority of people Acceptance, is not only good for the business, it is good for you. Try to make security fun for your constituents, while still getting the “message” across.
Making IT personal Security has to appear human, and not a soulless destroyer of worlds. NO!!!
IT Savvy – only human I have won a free iPad! O’Really…
The Art of Seduction* *or, “How Information Security can improve your sex life.”
“Phishing is the act of attempting to acquire information by masquerading as a trustworthy entity in an electronic communication” Social Enginnering & Phishing
16 Who engages in social engineeringWho Uses Social Engineering We All do. HACKERS POLITICIANS SALESMEN SPIES SCAM / CON MEN PUA ACTORS MARKETERS
The Psychology of Seduction 1. Reciprocation (Favours) 2. Commitment 3. Social values 4. Liking 5. Authority 6. Scarcity
Reciprocation We are hard-wired to respond to a favour or gift, often not in direct proportion to the size of the favour done to us.
Commitment and Consistency Once we make a choice or take a stand, we will encounter personal and inter-personal pressures to behave consistently with that commitment. When we “commit” we want to believe in a positive outcome.
The Principle of Social Proof We view a behaviour to be more correct in a given situation to the degree that we see others performing it. By leveraging the power of social networking sites such as LinkedIn and Facebook.
The Principle of Liking Not a difficult principle to understand, we prefer to say yes to requests from someone we know and like.
The Principle of Authority Once we realize that obedience to authority is mostly rewarding, it is easy to allow ourselves the convenience of automatic obedience.
The Principle of Scarcity One of the most common tactics is to build time pressure. The scarcity of time often makes people comply with requests in violation of their policies and their own common sense.
Gamification Competition Engagement Increase Loyalty Builds Empathy Improves awareness
Trick or Treat Positive reinforcement Negative reinforcement
Risk reduction Find out what people fear… …Then make it go away.
test Waterhole’s Social proof = Social behaviour = your social profile
Creatures of habit Social engineering and phishing works, as we are programmed to have “rituals”, and the majority of things we do day to day are habitual. Rituals = Patterns of behaviour Same websites Favourite food FriendshipsSocial networks Waterholes exploit your social patterns, behaviour and rituals.
Asymmetric warfare INTERNET Home network Corporate network
Asymmetric warfare Friends and Family
The art of Seduction Seducers draw you in by focused individualised attention Choose the right victim – study your prey thoroughly and choose only those susceptible to your charms Create a false sense of security – if you are too direct early on, you risk stirring up resistance and that will never be lowered An object of desire – to draw your victim closer, create an aura of desirability Create temptation – find the weakness of theirs, keep it vague and stimulate curiosity Pay attention to detail – the details of seduction, subtle gestures, thoughtful gifts tailored for them
Recap THANK YOU

Recommended

The Subtle Art of Seduction
The Subtle Art of SeductionThe Subtle Art of Seduction
The Subtle Art of SeductionStephen Anderson
 
Social engineering via social media
Social engineering via social mediaSocial engineering via social media
Social engineering via social mediab coatesworth
 
How Social Media can Open Doors to Social Engineering
How Social Media can Open Doors to Social EngineeringHow Social Media can Open Doors to Social Engineering
How Social Media can Open Doors to Social EngineeringZoodikers Consulting Ltd
 
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015n|u - The Open Security Community
 
12 signs your culture is broken
12 signs your culture is broken12 signs your culture is broken
12 signs your culture is brokenRicky Muddimer
 
ISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureCraig McGill
 
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docxCIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docxmccormicknadine86
 
Master's Presentation to Intel Security
Master's Presentation to Intel Security Master's Presentation to Intel Security
Master's Presentation to Intel Security Andrea Wong
 

Recommended

The Subtle Art of Seduction
The Subtle Art of SeductionThe Subtle Art of Seduction
The Subtle Art of SeductionStephen Anderson
 
Social engineering via social media
Social engineering via social mediaSocial engineering via social media
Social engineering via social mediab coatesworth
 
How Social Media can Open Doors to Social Engineering
How Social Media can Open Doors to Social EngineeringHow Social Media can Open Doors to Social Engineering
How Social Media can Open Doors to Social EngineeringZoodikers Consulting Ltd
 
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015n|u - The Open Security Community
 
12 signs your culture is broken
12 signs your culture is broken12 signs your culture is broken
12 signs your culture is brokenRicky Muddimer
 
ISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureCraig McGill
 
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docxCIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docxmccormicknadine86
 
Master's Presentation to Intel Security
Master's Presentation to Intel Security Master's Presentation to Intel Security
Master's Presentation to Intel Security Andrea Wong
 
Compliance Conference Part 1 V2 20090817
Compliance Conference Part 1 V2 20090817Compliance Conference Part 1 V2 20090817
Compliance Conference Part 1 V2 20090817Keryl Egan
 
Managing Unconscious Bias to Strengthen Corporate Culture Whitepaper
Managing Unconscious Bias to Strengthen Corporate Culture WhitepaperManaging Unconscious Bias to Strengthen Corporate Culture Whitepaper
Managing Unconscious Bias to Strengthen Corporate Culture WhitepaperEdward Nelson
 
Brainjuicer behavingeconomicallywiththtruth
Brainjuicer behavingeconomicallywiththtruthBrainjuicer behavingeconomicallywiththtruth
Brainjuicer behavingeconomicallywiththtruthviasatcreative
 
Rational versus emotional – inside the mind of your buyer
Rational versus emotional – inside the mind of your buyerRational versus emotional – inside the mind of your buyer
Rational versus emotional – inside the mind of your buyerB2B Marketing
 
2013 12 25 social media and the (uk) insurance sector
2013 12 25 social media and the (uk) insurance sector2013 12 25 social media and the (uk) insurance sector
2013 12 25 social media and the (uk) insurance sectorwww.businesspsychologist.london
 
Introduction to the Social Media Lifecycle - NCD Haarlem
Introduction to the Social Media Lifecycle - NCD HaarlemIntroduction to the Social Media Lifecycle - NCD Haarlem
Introduction to the Social Media Lifecycle - NCD HaarlemEdwin Korver
 
Can do. Will do. Still do.
Can do. Will do. Still do.Can do. Will do. Still do.
Can do. Will do. Still do.Kuliza Technologies
 
6 Pillars Of Influence
6 Pillars Of Influence6 Pillars Of Influence
6 Pillars Of InfluenceCustom Hypnosis
 
Persuasion architectures: Nudging People to do the Right Thing
Persuasion architectures: Nudging People to do the Right ThingPersuasion architectures: Nudging People to do the Right Thing
Persuasion architectures: Nudging People to do the Right ThingUser Vision
 
Social engineering and indian jugaad
Social engineering and indian jugaadSocial engineering and indian jugaad
Social engineering and indian jugaadn|u - The Open Security Community
 
Looking inside the Cheese - Engaging people in workplace health and safety
Looking inside the Cheese - Engaging people in workplace health and safetyLooking inside the Cheese - Engaging people in workplace health and safety
Looking inside the Cheese - Engaging people in workplace health and safetyOccupational Health and Safety Industry Group
 
360HR Knowledge Guide - The Science of Selection
360HR Knowledge Guide - The Science of Selection360HR Knowledge Guide - The Science of Selection
360HR Knowledge Guide - The Science of SelectionDi Pass
 
Creating a Jerk-Free Zone - The Human Element
Creating a Jerk-Free Zone - The Human ElementCreating a Jerk-Free Zone - The Human Element
Creating a Jerk-Free Zone - The Human ElementNicole Payne
 
Understanding Influence on Risks
Understanding Influence on RisksUnderstanding Influence on Risks
Understanding Influence on RisksLaurenWeyers
 
BruCON 0x09 Building Security Awareness Programs That Don't Suck
BruCON 0x09 Building Security Awareness Programs That Don't SuckBruCON 0x09 Building Security Awareness Programs That Don't Suck
BruCON 0x09 Building Security Awareness Programs That Don't SuckVlad Styran
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptCakraWicaksono3
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptpixvilx
 
Ethics Course Powerpoint
Ethics Course PowerpointEthics Course Powerpoint
Ethics Course PowerpointLindsey Skinner
 
College Essay Starters. Online assignment writing service.
College Essay Starters. Online assignment writing service.College Essay Starters. Online assignment writing service.
College Essay Starters. Online assignment writing service.Tiffany Surratt
 
Positive Swiss Cheese Model
Positive Swiss Cheese ModelPositive Swiss Cheese Model
Positive Swiss Cheese ModelPeter Newsome
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

More Related Content

Similar to Seductive security - Art of seduction

Compliance Conference Part 1 V2 20090817
Compliance Conference Part 1 V2 20090817Compliance Conference Part 1 V2 20090817
Compliance Conference Part 1 V2 20090817Keryl Egan
 
Managing Unconscious Bias to Strengthen Corporate Culture Whitepaper
Managing Unconscious Bias to Strengthen Corporate Culture WhitepaperManaging Unconscious Bias to Strengthen Corporate Culture Whitepaper
Managing Unconscious Bias to Strengthen Corporate Culture WhitepaperEdward Nelson
 
Brainjuicer behavingeconomicallywiththtruth
Brainjuicer behavingeconomicallywiththtruthBrainjuicer behavingeconomicallywiththtruth
Brainjuicer behavingeconomicallywiththtruthviasatcreative
 
Rational versus emotional – inside the mind of your buyer
Rational versus emotional – inside the mind of your buyerRational versus emotional – inside the mind of your buyer
Rational versus emotional – inside the mind of your buyerB2B Marketing
 
Introduction to the Social Media Lifecycle - NCD Haarlem
Introduction to the Social Media Lifecycle - NCD HaarlemIntroduction to the Social Media Lifecycle - NCD Haarlem
Introduction to the Social Media Lifecycle - NCD HaarlemEdwin Korver
 
Persuasion architectures: Nudging People to do the Right Thing
Persuasion architectures: Nudging People to do the Right ThingPersuasion architectures: Nudging People to do the Right Thing
Persuasion architectures: Nudging People to do the Right ThingUser Vision
 
360HR Knowledge Guide - The Science of Selection
360HR Knowledge Guide - The Science of Selection360HR Knowledge Guide - The Science of Selection
360HR Knowledge Guide - The Science of SelectionDi Pass
 
Creating a Jerk-Free Zone - The Human Element
Creating a Jerk-Free Zone - The Human ElementCreating a Jerk-Free Zone - The Human Element
Creating a Jerk-Free Zone - The Human ElementNicole Payne
 
Understanding Influence on Risks
Understanding Influence on RisksUnderstanding Influence on Risks
Understanding Influence on RisksLaurenWeyers
 
BruCON 0x09 Building Security Awareness Programs That Don't Suck
BruCON 0x09 Building Security Awareness Programs That Don't SuckBruCON 0x09 Building Security Awareness Programs That Don't Suck
BruCON 0x09 Building Security Awareness Programs That Don't SuckVlad Styran
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptCakraWicaksono3
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptpixvilx
 
Ethics Course Powerpoint
Ethics Course PowerpointEthics Course Powerpoint
Ethics Course PowerpointLindsey Skinner
 
College Essay Starters. Online assignment writing service.
College Essay Starters. Online assignment writing service.College Essay Starters. Online assignment writing service.
College Essay Starters. Online assignment writing service.Tiffany Surratt
 
Positive Swiss Cheese Model
Positive Swiss Cheese ModelPositive Swiss Cheese Model
Positive Swiss Cheese ModelPeter Newsome
 

Similar to Seductive security - Art of seduction (20)

Compliance Conference Part 1 V2 20090817
Compliance Conference Part 1 V2 20090817Compliance Conference Part 1 V2 20090817
Compliance Conference Part 1 V2 20090817
 
Managing Unconscious Bias to Strengthen Corporate Culture Whitepaper
Managing Unconscious Bias to Strengthen Corporate Culture WhitepaperManaging Unconscious Bias to Strengthen Corporate Culture Whitepaper
Managing Unconscious Bias to Strengthen Corporate Culture Whitepaper
 
Brainjuicer behavingeconomicallywiththtruth
Brainjuicer behavingeconomicallywiththtruthBrainjuicer behavingeconomicallywiththtruth
Brainjuicer behavingeconomicallywiththtruth
 
Rational versus emotional – inside the mind of your buyer
Rational versus emotional – inside the mind of your buyerRational versus emotional – inside the mind of your buyer
Rational versus emotional – inside the mind of your buyer
 
2013 12 25 social media and the (uk) insurance sector
2013 12 25 social media and the (uk) insurance sector2013 12 25 social media and the (uk) insurance sector
2013 12 25 social media and the (uk) insurance sector
 
Introduction to the Social Media Lifecycle - NCD Haarlem
Introduction to the Social Media Lifecycle - NCD HaarlemIntroduction to the Social Media Lifecycle - NCD Haarlem
Introduction to the Social Media Lifecycle - NCD Haarlem
 
Can do. Will do. Still do.
Can do. Will do. Still do.Can do. Will do. Still do.
Can do. Will do. Still do.
 
6 Pillars Of Influence
6 Pillars Of Influence6 Pillars Of Influence
6 Pillars Of Influence
 
Persuasion architectures: Nudging People to do the Right Thing
Persuasion architectures: Nudging People to do the Right ThingPersuasion architectures: Nudging People to do the Right Thing
Persuasion architectures: Nudging People to do the Right Thing
 
Social engineering and indian jugaad
Social engineering and indian jugaadSocial engineering and indian jugaad
Social engineering and indian jugaad
 
Looking inside the Cheese - Engaging people in workplace health and safety
Looking inside the Cheese - Engaging people in workplace health and safetyLooking inside the Cheese - Engaging people in workplace health and safety
Looking inside the Cheese - Engaging people in workplace health and safety
 
360HR Knowledge Guide - The Science of Selection
360HR Knowledge Guide - The Science of Selection360HR Knowledge Guide - The Science of Selection
360HR Knowledge Guide - The Science of Selection
 
Creating a Jerk-Free Zone - The Human Element
Creating a Jerk-Free Zone - The Human ElementCreating a Jerk-Free Zone - The Human Element
Creating a Jerk-Free Zone - The Human Element
 
Understanding Influence on Risks
Understanding Influence on RisksUnderstanding Influence on Risks
Understanding Influence on Risks
 
BruCON 0x09 Building Security Awareness Programs That Don't Suck
BruCON 0x09 Building Security Awareness Programs That Don't SuckBruCON 0x09 Building Security Awareness Programs That Don't Suck
BruCON 0x09 Building Security Awareness Programs That Don't Suck
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 
Ethics Course Powerpoint
Ethics Course PowerpointEthics Course Powerpoint
Ethics Course Powerpoint
 
College Essay Starters. Online assignment writing service.
College Essay Starters. Online assignment writing service.College Essay Starters. Online assignment writing service.
College Essay Starters. Online assignment writing service.
 
Positive Swiss Cheese Model
Positive Swiss Cheese ModelPositive Swiss Cheese Model
Positive Swiss Cheese Model
 

Recently uploaded

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 

Recently uploaded (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Seductive security - Art of seduction

  • 1. The perception of information security in a modern business.
  • 3. Human engineering Carnegie Institute of Technology 85 per cent of your success is due to skills in “human engineering,” your personality and ability to communicate, negotiate, and lead. only 15 per cent is due to technical knowledge.
  • 5. 5 Effective security changes peoples behaviour in a subtle way. Behavioural psychology is becoming even more important for security practitioners, helping to influence executive decisions, and also to change peoples perspectives around security, and its misconceptions. Ultimately reducing risk, increasing value, and saving time. You need to win hearts and minds. To do that, think differently… Security Perception
  • 7. 7 Survival of the fittest Information Security just like the business or brand it protects, must evolve and become best “fitted,” or best “adapted,” to its environment for it to survive, and help the business to grow. The evolution of security AGILEFLEXIBLE ADAPT OR DIE ADAPTABLE BOLD
  • 10. Security as a brand
  • 11. 11 Security PR – spin doctors By making security engaging, it gains more acceptance. Security should be a positive experience for the majority of people Acceptance, is not only good for the business, it is good for you. Try to make security fun for your constituents, while still getting the “message” across.
  • 12. Making IT personal Security has to appear human, and not a soulless destroyer of worlds. NO!!!
  • 13. IT Savvy – only human I have won a free iPad! O’Really…
  • 14. The Art of Seduction* *or, “How Information Security can improve your sex life.”
  • 15. “Phishing is the act of attempting to acquire information by masquerading as a trustworthy entity in an electronic communication” Social Enginnering & Phishing
  • 16. 16 Who engages in social engineeringWho Uses Social Engineering We All do. HACKERS POLITICIANS SALESMEN SPIES SCAM / CON MEN PUA ACTORS MARKETERS
  • 17. The Psychology of Seduction 1. Reciprocation (Favours) 2. Commitment 3. Social values 4. Liking 5. Authority 6. Scarcity
  • 18. Reciprocation We are hard-wired to respond to a favour or gift, often not in direct proportion to the size of the favour done to us.
  • 19. Commitment and Consistency Once we make a choice or take a stand, we will encounter personal and inter-personal pressures to behave consistently with that commitment. When we “commit” we want to believe in a positive outcome.
  • 20. The Principle of Social Proof We view a behaviour to be more correct in a given situation to the degree that we see others performing it. By leveraging the power of social networking sites such as LinkedIn and Facebook.
  • 21. The Principle of Liking Not a difficult principle to understand, we prefer to say yes to requests from someone we know and like.
  • 22. The Principle of Authority Once we realize that obedience to authority is mostly rewarding, it is easy to allow ourselves the convenience of automatic obedience.
  • 23. The Principle of Scarcity One of the most common tactics is to build time pressure. The scarcity of time often makes people comply with requests in violation of their policies and their own common sense.
  • 25. Trick or Treat Positive reinforcement Negative reinforcement
  • 26. Risk reduction Find out what people fear… …Then make it go away.
  • 27. test Waterhole’s Social proof = Social behaviour = your social profile
  • 28. Creatures of habit Social engineering and phishing works, as we are programmed to have “rituals”, and the majority of things we do day to day are habitual. Rituals = Patterns of behaviour Same websites Favourite food FriendshipsSocial networks Waterholes exploit your social patterns, behaviour and rituals.
  • 31. The art of Seduction Seducers draw you in by focused individualised attention Choose the right victim – study your prey thoroughly and choose only those susceptible to your charms Create a false sense of security – if you are too direct early on, you risk stirring up resistance and that will never be lowered An object of desire – to draw your victim closer, create an aura of desirability Create temptation – find the weakness of theirs, keep it vague and stimulate curiosity Pay attention to detail – the details of seduction, subtle gestures, thoughtful gifts tailored for them