Compliance Perspectives

Jenny Radcliffe on People Hacking [Podcast]



Post By: Adam Turteltaub

Liverpool-based Jenny Radcliffe, who leads Human Factor Security, is not your typical hacker, clad in a black hoodie and working out of a basement. Rather than spending her time hunched over a keyboard, she seeks to hack people.

What does that mean? As she explains in this podcast, she uses persuasion, psychology and influence methods to make her way into systems, and even into physical premises. She is often hired to break alarms and see if she can talk her way into a building.

She does it by capitalizing on the all-too-human aspects of our personalities, and from her experiences she has learned how phishing emails and other techniques also capitalize on human weaknesses to enable hackers to breach computer systems.

What’s both terrifying and fascinating is how hackers take advantage of our weaknesses, tailoring their attacks with the knowledge that different scams work for different people and cultures. In fact, she explains that the organizational culture you have is the hack you invite. In a hierarchical organization, the hacker will likely use authority principles. In a younger, less rules-driven culture, attackers may use registration for a social activity as a way to steal passwords and IDs.

Hackers also take advantage of human emotions and stress. As she memorably says, “Emotion kicks logic off the cliff.” That’s why techniques such as promising a prize or threatening the release of embarrassing information can be so successful in getting people to click where they shouldn’t.

She advises companies to create “cognitive firewalls” within their organizations, helping employees to watch for red flags such as:

* Any approach via email, call or social media that makes the recipient emotional
* The mentioning of money
* The request to act, especially if asked to act quickly

How else can you protect your organization? By making it safe for people to come forward when they make a digital mistake. The more comfortable they are coming forward, the faster they will do so and the sooner the breach is remediated.

And how do you find the internal bad actor? That, she says, falls on the shoulders of line managers, who need to be on the lookout for changes of behavior that may indicate stress.

Listen in to learn more, including the risks that can come as employees return to the workplace.
Compliance Perspectives, by SCCE
