Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Olivia Liddell - Techorama Netherlands 2019 - Socially Engineering Your Pathway to a Better Team

In the context of information security, social engineering is a practice that can help hackers to acquire personal information, insights, and access. Social engineering techniques can also be used by hackers and non-hackers alike to become more skilled at observing the people around them and making informed decisions that are based on these observations. In this session, you will learn how to take a social engineering approach towards improving your team dynamics, including:

- Strategies for assessing your team’s current strengths and areas of improvement.

- Recommendations for developing an action plan to initiate change, and using ongoing observation techniques to effectively manage change.

- Best practices for resolving conflict, particularly for team members with different communication styles.

  • Sé el primero en comentar

Olivia Liddell - Techorama Netherlands 2019 - Socially Engineering Your Pathway to a Better Team

  1. 1. Socially Engineering Your Pathway to a Better Team Olivia Liddell @oliravi
  2. 2. #TechoramaNL @oliravi Agenda ● Assessing your team’s current strengths and areas of improvement ● Developing an action plan to initiate change ● Using ongoing observation techniques to effectively manage change ● Resolving conflict, particularly for team members with different communication styles
  3. 3. #TechoramaNL @oliravi What is Social Engineering? “...any act that influences a person to take an action that may or may not be in their best interest.” - Security Through Education
  4. 4. #TechoramaNL @oliravi “The goal of the social engineer is to get you to make a decision without thinking. The more you think, the more likely you are to realize you are being manipulated, which of course is bad for the attacker.” - Christopher Hadnagy, Social Engineering: The Art of Human Hacking
  5. 5. #TechoramaNL @oliravi My Observations about the Location Huge resort with some rooms about a 15-minute walk from the main lobby
  6. 6. #TechoramaNL @oliravi My Observations about the Location Most guests were wearing relaxed attire, shorts, swimwear, etc.
  7. 7. #TechoramaNL @oliravi My Observations about the Location The busiest times for the lobby were between 12-3 PM
  8. 8. #TechoramaNL @oliravi My Observations about the Front Desk Agents Afternoon: 10 front desk agents were working
  9. 9. #TechoramaNL @oliravi My Observations about the Front Desk Agents New agents were wearing a special “Trainee” badge
  10. 10. #TechoramaNL @oliravi My Observations about the Front Desk Agents Some agents were more talkative than others
  11. 11. #TechoramaNL @oliravi My Observations about the Front Desk Agents Some agents were smiling and using more hand gestures than others
  12. 12. #TechoramaNL @oliravi My Observations about the Front Desk Agents Differences in how the agents called out to the next person in line
  13. 13. Observe your team from an outside perspective.
  14. 14. #TechoramaNL @oliravi “Ethnography is the work of describing a culture. The central aim of ethnography is to understand another way of life from the native point of view. [...] Rather than studying people, ethnography means learning from people.” - James P. Spradley, Participant Observation
  15. 15. #TechoramaNL @oliravi Describe your team. ● Size ● Location(s) ● Remote percentage ● Single department or cross-functional
  16. 16. #TechoramaNL @oliravi Describe your team. ● Range of technical skills ● How long has the team been together? ● Which members tend to speak most often in meetings?
  17. 17. #TechoramaNL @oliravi Describe your team. ● Which members prefer to share their ideas through other communication channels? ● How frequently do more senior members pair together with more junior members? ● How do members interact with each other outside of meetings or project settings?
  18. 18. #TechoramaNL @oliravi What do they value?
  19. 19. When developing an action plan, begin with quick wins.
  20. 20. #TechoramaNL @oliravi “As a social engineer, remember that you don’t need to immediately go for the exact flags you need. Get some minor ones to help build those feelings that will lead the person to concede and comply.” - Christopher Hadnagy, Social Engineering: The Art of Human Hacking
  21. 21. #TechoramaNL @oliravi Strategy: Good / Better / Best
  22. 22. #TechoramaNL @oliravi Hotel Example ● Good: Any personal information that they can provide ○ Phone number ○ Email address ○ Type of credit card that was used to reserve the room ● Better: Room number ● Best: Keycard to access the room
  23. 23. #TechoramaNL @oliravi Team Example ● Good: More juniors asking for help from their senior colleagues ● Better: Lunch and Learn sessions to share knowledge and build skills ● Best: A formal mentorship program to pair junior and senior team members together
  24. 24. Observe how and why team members are responding to change.
  25. 25. #TechoramaNL @oliravi What do they value? What’s in it for them? Why should they want to do this?
  26. 26. #TechoramaNL @oliravi Prosci: ADKAR Model for Change Management Awareness of the need for change Desire to support the change Knowledge of how to change Ability to demonstrate skills and behaviors Reinforcement to make the change stick
  27. 27. #TechoramaNL @oliravi Hotel Example: What do they value? ● Helping the guest to have a smooth and positive interaction ● Helping someone in distress to have a better day ● Depending on the agent: ○ Being able to quickly move onto the next guest in line - OR - ○ Spending more time making a meaningful connection with the guest
  28. 28. Resolve conflict by offering a solution and value that are based on your observations.
  29. 29. #TechoramaNL @oliravi What do they value? What’s in it for them? Why should they want to do this?
  30. 30. #TechoramaNL @oliravi Dwight “I have to ask our manager if it’s okay for me to help you.” Jim “Before I can help you, we need to fix Jira first.” �
  31. 31. DirectIndirect Assertive Passive Jim Dwight
  32. 32. #TechoramaNL @oliravi Team Example: What do they value? Having an efficient and methodical workflow Learning new skills that could lead to a promotion Dwight Jim
  33. 33. #TechoramaNL @oliravi Resolving Conflict ● Be assertive (but not aggressive). ● Make your elevator pitch. ● Follow up with relevant examples or metaphors.
  34. 34. Conclusion
  35. 35. #TechoramaNL @oliravi Summary ● Observe your team from an outside perspective. ● When developing an action plan, begin with quick wins. ● Observe how and why team members are responding to change. ● Resolve conflict by offering a solution and value that are based on your observations.
  36. 36. #TechoramaNL @oliravi Additional Resources ● Christopher Hadnagy - Social Engineering: The Art of Human Hacking ● Kevin Mitnick - The Art of Deception: Controlling the Human Element of Security ● James P. Spradley - Participant Observation
  37. 37. #TechoramaNL @oliravi Additional Resources ● Kim Christfort and Suzanne Vickberg - Business Chemistry: Practical Magic for Crafting Work Relationships ● Robert A. Rohm - Positive Personality Profiles ● Prosci: ADKAR Model for Change Management
  38. 38. #TechoramaNL @oliravi Thank you! Slides: olivialiddell.com

×