A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Social Engineering At Work - How to use positive influence to gain management buy-in for anything - April Wright Derbycon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

Social Engineering At Work - How to use positive influence to gain management buy-in for anything
April Wright
Derbycon 2018

Do you understand how to navigate office politics and regularly get what you want and need to make your security efforts take off and be successful? Are there projects or programs you want to institute, but have trouble getting started or knowing how to get people on-board? Most of us understand how SE can be used to test for human vulnerabilities, but socializing at work may give us a yucky feeling. However, if you really want to learn how to get buy-in for your ideas or projects and get what you want, you need to be able to navigate the social system at work and exert indirect influence. It is possible to study and reverse the “dark arts” of SE to actually achieve positive goals; SE principles are used every day by savvy business people to make things happen, even if they don’t realize that they’re using them. Let’s define ways even the most introverted person can play the corporate game in a non-malicious non-manipulative way. Then, we can use this knowledge within our organizations to improve our security posture, “sell” security to stakeholders, and lessen risk. Learn how to utilize the tools of SE “for good” so that we can better serve our infrastructures and customers.

April C. Wright is a hacker, author, teacher, and community leader with over 25 years of breaking, making, fixing, and defending global critical communications and connections. She is an international speaker and trainer, educating others about Information Security, with the goal of protecting individual privacy and important assets to make the digital components that impact our lives safer and more secure. A security program specialist for a Fortune 15 company, April has held roles on offensive, defensive, operational, and development teams throughout her career, and been a speaker and contributor at numerous security conferences including BlackHat, DEF CON, DerbyCon, Hack in Paris, DefCamp, ITWeb, as well as for the US Government and industry organizations such as OWASP and ISSA. She has started multiple small businesses including a non-profit, is a member of the DEF CON Groups Core Team, and in 2017 she co-founded the Boston DEF CON Group DC617. April has collected dozens of certifications to add letters at the end of her name, almost died in Dracula’s secret staircase, and once read on ‘teh interwebs’ that researchers at the University of North Carolina released a comprehensive report in 2014 confirming that she is the “most significant and interesting person currently inhabiting the earth”, so it must be true.

@aprilwright

Back to Derbycon 2018 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast