Recorded: February 24 | 2022 Watch
How do hackers survey your company to identify gaps in your security program? Rachel Tobac executes these attacks for a living! But she's not a criminal, she's a white hat hacker -- launching successful social engineering attacks to train others on the up-to-date methods criminals use to gain access to your money, data, or systems, before the bad guys get there first.
Rachel's fun and fast-paced hacker stories from the field will arm you and your business with current examples of real attacks and the necessary skills, scripts, and best practices to catch hackers like her in the act with takeaways on protecting your firm’s valuable assets. With insights like these, and with tools like BitSight, that can identify many of the obvious external exploitable controls, you can improve your overall security posture, and also harden your employees, who are your first security control!
Learn how to:
- Identify the most vulnerable external and internal practices or policies
- Prepare for a Social Engineering Risk Assessment
- Understand the information you’ve collected and identified
- Evaluate and quantify each risk
Presented By:
David Hawkins, Director, Consulting Engineer, BitSight. David has been in the security industry for just over 20 years. His background includes both IT security as well as physical security. David has served as the Technical Vice Chair of the Open Security Exchange, co-authoring the PHISBITs security protocol which was intended to help integrate physical and IT security. On the Information Security side, David has been part of the engine behind responding to security questionnaires, writing security product and procedural documentation, and speaking on various topics to include identity management, secure file sharing, and advanced threat protection. As a consulting engineer with BitSight, he is focused on helping companies with risk, compliance, technology, and program development. His goal is to promote the continued maturity of the security ratings industry into a discipline that holistically considers information security, data protection, technology, and business risk as a unified concept.
Rachel Tobac, CEO of SocialProof Security, White Hat Hacker. Rachel is a hacker and the CEO of SocialProof Security where she helps people and companies keep their data safe by training and pentesting them on social engineering risks. Rachel was also a winner of DEF CON's wild spectator sport, the Social Engineering Capture the Flag contest, 3 years in a row. Rachel has shared her real life social engineering stories with NPR, Last Week Tonight with John Oliver, The New York Times, Business Insider, CNN, NBC Nightly News with Lester Holt, Forbes and many more. In her remaining spare time, Rachel is the Chair of the Board for the nonprofit Women in Security and Privacy (WISP) where she works to advance women to lead in the fields. Find her on Twitter: @racheltobac @socialproofsec @wisporg