Wednesday

ISSA Event on "Social Engineering" (updated)




Information about the next ISSA event is online. UPDATE (5/9/2007) The details have appeared:

"Welcome to the The Weakest Link!"

Contrary to what this title suggests, ISSA will NOT be hosting this famous television quiz show. So there is no need to be afraid of being sent away due to a lack of knowledge concerning trivia. However, there are some similarities with the topic of this event, Social Engineering. Eg., things you don't know about, might hurt you badly. And the Weakest Link in Information Security is very often located " Between Keyboard And Chair". A 50000 EUR security device may protect your information assets as perfectly as possible, but if an employee provides his login credentials in exchange for a candybar, you might have to walk "The Walk of Shame" anyway... This ISSA event will be more interactive as usual. But you'll go home better informed and less vulnerable, as usual.

Hope to welcome you all on this very interesting event!

This evening event will be held on

Thursday, September 20th, 2007

Place :

Getronics Executive Briefing Center, Leopold Tower, Rue de Genèvestraat 10, 1140 Brussels (Evere)

Agenda :

1800h : Welcome with drinks and sandwiches (PLEASE FOLLOW ACCESS PROCEDURE MENTIONED BELOW!!! NO ACCESS AFTER 1900HRS!!!)
1830h : Part 1 - Presentation

1. Social engineering- definition
2. Historical overview
1. What's the motive behind social engineering
2. The human element
3. Known exploits.
4. Approaches to protecting your company against social engineering

1930h : short break
1945h : Part 2 - Workshop – Steal the flag

The target - "Secrus Traders Inc." (A fictional company) financial results

o Group A - will represents the social engineering attackers
o Group B - will represent the security department of a "Secrus Traders Inc"

Members of Group A will need to define a timely driven attack scenario against "Secrus Traders Inc." corporation in an attempt to steal the next quarterly financial results.

Members of Group B will need to define timely driven measures to try to increase the awareness of the organization, managing management, employees, and public.

End of part 2 - Presentation of Group A and Group B strategies, comments from the participants.

2045h : closing drink

PRACTICAL INFO AND REGISTRATION INSTRUCTIONS

PS: Don't forget it's OWASP Day (6-Sep-2007) this Thursday.

Posted by Security4all at 5.9.07

Labels: , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)