Information Risk
and Security
Hacking the Human
Social Engineering Techniques and
Security Countermeasures
Ian Mann
• Provides an understanding of the risk that
organizations face from social engineering
• Offers examples, research and practical
solutions that will enable a company to
develop a training and security strategy
based on these risks
• Examines the limitations to current security
thinking, and gives countermeasures that
are available
Information security is about people, yet in
most organizations protection remains focused
on technical countermeasures. The human
element is crucial in the majority of successful
attacks on systems, and attackers are rarely
required to find technical vulnerabilities;
hacking the human is usually sufficient.
Ian Mann turns the black art of social
engineering into an information security
risk that can be understood, measured and
managed effectively. The text highlights the
main sources of risk from social engineering
and draws on psychological models to explain
the basis for human vulnerabilities. Chapters
on vulnerability mapping, developing a range
of protection systems and awareness training
provide a practical and authoritative guide
to the risks and countermeasures that are
available.

There is a singular lack of useful information
for security and IT professionals regarding the
human vulnerabilities that social engineering
attacks tend to exploit. Ian Mann provides a rich
mix of examples, applied research and practical
solutions that will enable you to assess the
level of risk in your organization; measure the
strength of your current security and enhance
your training and systemic countermeasures
accordingly. If you are responsible for physical
or information security or the protection of your
business and employees from significant risk,
then Hacking the Human is a must-read.

This title is also available as an e-book.

Hardback 266 Pages November 2008
978-0-566-08773-8 £60.00
e-ISBN: 978-0-7546-9351-2

About the Author:
Ian Mann is Senior System Consultant with
ECSC Ltd (www.ecsc.co.uk) a specialist
information security consultancy. Ian has
worked with a wide range of companies,
including a number of leading financial
institutions, to help them understand the
risk from attacks by social engineers, and to
develop effective countermeasures. He is also
known for his presentations on the subject.

Contents:
Introduction
Part One The Risks:
What is social engineering?; Understanding
your risks; People, your weakest link;
Limitations to current security thinking.
Part Two Understanding Human
Vulnerabilities:
Trust me; Reading a person; Subconscious
mind; Parent, Adult, Child.
Part Three Countermeasures:
Vulnerability mapping; Protection systems;
Awareness and Training; Testing.
Index.
MONEY BACK GUARANTEE: Gower has no hesitation in offering this publication on 14 days’ approval. If you are
not completely satisfied, return the book/s to us in good condition and we will cancel your invoice.