Mon, 12 July 2021
In this episode, Chris Hadnagy is joined by Teresa Abram. Teresa is the founder of Handwriting P.I., a full-service handwriting analysis business. Teresa is not only a handwriting analyzer, but also a professional personality investigator who can spot the red flags of a dangerous personality, identify someone’s strengths, and uncover what is holding someone back. Teresa’s interest in handwriting started when she was just 14 years old and has led her to hosting her own podcast, “A Most Unusual T Party” where she uses the letter T to unlock pieces of a person’s story...which is fascinating to listen to! July 12, 2021 00:00: Intro 03:01: Teresa Abram Intro 05:00: How did you get into this at 14 years old? 07:50: How does one practice handwriting analysis? 09:05: What is scary handwriting? Psychopath scale. 10:00: Chris’ handwriting 11:20: Can you fool handwriting analysis? 14:00: Can this be used by companies to vet potential employees? 16:05: InfoSec and Handwriting are similar. All science is accurate until it’s not. 18:35: Universal gestures 21:53: Discussion about Social-Engineer COO Ryan 24:19: Does Handwriting PI do handwriting analysis for employers? Combined with other disciplines. 26:31: Chris’ handwriting sample 27:23: Banned by Hitler as witchcraft 28:16: How long has handwriting analysis been around? 28:51: Can you analyze in different languages? How?
34:06: Methodology continued. Turning the paper over. Go to the letter “t”. 37:21: How long does handwriting analysis take to do? 38:12: What is another way you work with companies? 39:30: Wrap-up Teresa on the internet: Instagram: Handwriting_PI Website: www.handwritingpi.ca
40:47: Teresa’s mentor - Sheila Lowe, President of the American Handwriting Analysis Foundation 41:54: Favorite Books: 44:00: How old is Teresa’s Daughter? And how did she like having a Mom who would read her handwriting? 46:00: Outro
Direct download: Ep._149_-_Human_Element_Series_-_Whats_In_A_T_with_Teresa_Abram.mp3
Category:Human Element Series -- posted at: 2:00am EDT |
Wed, 16 June 2021
Ep. 148 - Security Awareness Series - Three Degrees of Separation from Neil Fallon with Rockie Brockway
In this episode, Chris Hadnagy and Ryan MacDougall are joined by Rockie Brockway. Rockie is currently the Practice Lead for the Office of the CSO for TrustedSec. With over 28 years' experience in information security and business risk, Rockie specializes in Business Risk Analysis and the inherent relationships between data, assets, adversaries, and the organization’s brand value. He provides strategic and tactical advisory services to TrustedSec’s clients, assisting them in maturing their organizations’ security programs. 00:00 – Intro Breaking Security Awareness Virtual Conference by Living Security – Chris will appear June 24 03:35 – Rockie Brockway Intro 07:25 – A little about Rockie’s background and how he got started in the industry 10:35 – Rockie's feelings on the past 29 years, from the first virus he saw vs what we see now 12:35 – Rockie was in a math rock band called Craw, Rockie played shows with CLUTCH!!! 17:15 – What should I have or learn to get a job in a company like yours? 21:52 – How do you take curious and knowledgeable people’s knowledge and bridge that gap between them and the decision makers? 23:43 – How can young people get the qualities you suggest? 25:20 – Never be afraid of failure 27:45 – How important is top-down leadership support, or what are the most important aspects of doing your job? 31:25 – Are there more or less “future thinking” proactive security concerns than there were years ago? 36:02 – What level of organizations are bringing you in for your assistance? 37:28 – Action steps for corporations to start doing now Outro 40:42 – Colleagues you respect most in the industry
42:45 – Book recommendations
44:33 – How to contact Rockie
Direct download: Ep._148_-_Security_Awareness_Series_-_Three_Degrees_of_Separation_from_Neil_Fallon_with_Rockie_Brockway.mp3
Category:Security Awareness -- posted at: 1:19pm EDT |
Mon, 14 June 2021
In this episode, Chris Hadnagy and Maxie Reynolds are joined by one of our greatest friends and mentors, Joe Navarro. After serving as an FBI agent for 25 years, Joe has become a nonverbal and behavioral expert. Since retiring, he has authored 14 books in 29 languages dealing with human behavior and body language. His book “What Every BODY Is Saying” remains the #1 selling body-language book in the world for over 12 years. Joe’s new book “Be Exceptional” brings 40 years of his observations and research into one book. 00:00 – Intro June 24th: Chris at Living Security 2nd annual Breaking Security Awareness (digital conference for 2021) 03:54 – Joe Navarro Intro 05:40 – Discussion on Joe’s newest book, “Be Exceptional”. Why a book about being exceptional? 08:41 – Is the writing style in the new book purposely like the others, where you compiled people’s behavior? Did you start writing with this idea, or did the book come about after you had cataloged it all? 13:16 – What is the difference between excellence and perfection? 15:13 – “Whoever provides the most psychological comfort is going to be the soonest winner” 16:23 – Excellence is about experience and the journey 18:34 – How does someone get to the place where they have mastery over their emotions? 22:50 – How do you get people to have self-awareness and humility? 24:05 – Self-Mastery 26:12 – What is the ranking of success, if it’s not “counting possessions”? 28:15 – How much of excellence is habit? Is any of excellence based on genetics? 29:18 – Thoughts on Usain Bolt and other runners achieving excellence 32:44 – Thoughts on Benjamin Franklin achieving excellence 39:42 – “Be Exceptional” comes out June 29, a bit of discussion about book release 41:02 – Wrap Up How to contact Joe: Joe Navarro on Twitter: @NavarroTells 42:01 – Favorite Books The Power of Myth – Joseph Campbell 44:22 – Joe’s Mentors Mom, Dad, Grandma Jack Schafer David Givens Gerald Post – CIA 47:12 – Outro www.social-engineer.org – newly redesigned
Direct download: Ep._147_-_Human_Element_Series_-_Becoming_Ben_Franklin_with_Joe_Navarro.mp3
Category:Human Element Series -- posted at: 1:00am EDT |
Mon, 17 May 2021
In this episode, Chris Hadnagy and Ryan MacDougall are joined by Jason Frank. Jason has an extensive background in helping both government and Fortune 100 organizations, and has served a course instructor for the Black Hat security conference. Jason is now currently the COO at SpecterOps, where he is accountable for execution of the company. He oversees the Adversary Simulation and Detection delivery capabilities, where he helps clients to understand, detect, and respond to adversaries. May 17, 2021
00:00 – Intro 03:05 – Podcast Guest Jason Frank Intro 03:22 – Jason at BlackHat 03:30 - SpecterOps 04:34 – How Jason got to where he is 08:50 – Curiousity and motivation born from failing at a CTF 09:50 – Adversary Simulation – why is Jason using this phrase? 12:32 – Where are we in the current security culture? 16:11 – How to get attention of stakeholders, what concepts do you put in play? 18:03 – Reactive vs. Proactive 21:56 – How can corporations prepare for and mitigate attacks? 23:39 – What are the business repercussions of not letting machines talk to each other, and only the server? 25:45 – What are the more recent attacks you’ve seen coming up that people should be looking for? 28:14 – Knowledge bombs – terminology that people can look up to recognize “low hanging fruit” they may be missing – Bloodhound 30:00 – Cycles where certain things can be exploited such as ActiveDirectory 30:50 – What other things do companies need to be watching for 32:14 – PowerShell 33:44 – What are some action steps that corporations should start taking right now? 34:51 – Colleagues Jason respects most in the industry
36:50 – Jason's Book Recommendations 38:31 – Wrap-Up @joemontmania on Twitter (Ryan MacDougall) @HumanHacker on Twitter (Chris Hadnagy) @InnocentOrg on Twitter (Innocent Lives Foundation)
Direct download: Ep._146_-_Demand_Transparency_with_a_blue_shirt_with_Jason_Frank.mp3
Category:Security Awareness -- posted at: 8:47am EDT |
Mon, 10 May 2021
In this episode, Chris Hadnagy and Maxie Reynolds are joined by industry professional Jack Schafer, PhD. Dr. Schafer is a psychologist, professor, intelligence consultant, and former FBI Special Agent. Dr. Schafer spent fifteen years conducting counter-intelligence and counterterrorism investigations, and seven years as a behavioral analyst for the FBI's National Security Division's Behavioral Analysis Program. May 10, 2021
00:00 - Intro 03:32 - Introduction to Dr. Jack Schafer, PhD. 04:54 - How Jack decided to start training people in his field after retirement 07:46 - Why is rapport building important? 11:49 - How do you stop rapport from being used against you? 13:51 - Explaining “The Truth Bias” 15:37 - Rapport works across different cultures 18:15 - The basic human need to correct other people 19:28 - Integrating the knowledge of that need into work as an FBI agent - “Brian’s Loop” 23:01 - People don’t answer yes or no, they answer Yes+, No+, I Don’t Know+ 23:19 - Flattery 25:13 - Roundabout vs Direct Approach 26:45 - The “right” way is the way that works for you 29:58 - The Truth “Default Mode” and breaking the baseline 33:05 - Verbal vs. Non-Verbal Cues 36:19 - Get A Commitment 37:36 - Why does getting a commitment work on humans? 39:50 - The Lip Purse 42:40 - Wrap Up 44:45 - Jack’s Mentors 46:30 - Contact Jack Email: jackschafer500@yahoo.com 47:06 - Outro
Direct download: Human_Element_Series_Podcast_-_145_Jack_Schafer_FINAL.mp3
Category:Human Element Series -- posted at: 1:00am EDT |
Mon, 19 April 2021
In this episode of the SECurity Awareness Series of the SEPodcast, Chris Hadnagy and Ryan MacDougall are joined by Ashley Rose, the CEO of Living Security. Listen in as they discuss the best methods to teach cybersecurity awareness, as well as the unique advantages when using escape rooms to do so. April 19, 2021
00:00 – Introduction 03:12 – Introduction to Ashley Rose 04:31 – Ashley’s path into cybersecurity awareness 10:59 – Developing an escape room that teaches cybersecurity 15:02 – How Living Security adapted to the pandemic 22:16 – How Ashley gets the attention of potential clients 26:00 – Why “adaptive problem solving” is a vital skill 28:49 – How this training is increasing security awareness 30:47 – The industry’s unhealthy focus on compliance 34:41 – The science that went into developing the training 36:49 – How training can be individualized to increase effectiveness 41:42 – Ashley's contact info 42:28 – Ashley's most respected colleagues 44:40 – Ashley’s action steps that corporations should start doing right now 49:06 – Ashley's book reccomendations 50:13 – Outro
Direct download: Ep._144_-_Adaptive_Problem_Solving_with_Ashley_Rose.mp3
Category:Human Element Series -- posted at: 1:00am EDT |
Mon, 12 April 2021
In this episode of the Social-Engineer podcast, Chris Hadnagy and Maxie Reynolds are joined by Dr. Ida Ngambeki, an Assistant Professor of Computer and Information Technology at Purdue University. Listen in as they discuss importance of empathy and the best ways to teach social engineering. April 12, 2021 00:00 – Intro 03:25 – Introduction to Dr. Ida Ngambeki 04:20 – How Ida got into social engineering 08:45 – Teaching the next generation of social engineers 11:30 – Teaching the distinct aspects of social engineering 17:05 – The difference between a pentester and a malicious actor 19:01 – The importance of bias and assumptions 20:36 – Ida’s unconventional path to social engineering expertise 24:42 – The importance of empathy in security education 27:50 – The three aspects of empathy 30:04 – Diversity in the information security industry 34:22 – Chris getting held at gunpoint 39:50 – The problem with fear-based pretexts 42:32 - Ida’s industry mentors Donna Riley Demitra Evangelou Melisa Dark Alejandrah Magana William Gratiano Mark Rogers 45:14 – Ida's book recommendations 47:59 – Ida's contact info 49:23 – Maxie's book 51:02 - Outro
Direct download: NEW_Ep._143-_Empathetic_Hugs_with_Ida_Ngambeki.mp3
Category:Human Element Series -- posted at: 1:00am EDT |
Mon, 15 March 2021
In this episode of the SECurity Awareness Series of the SEPodcast, Chris Hadnagy and Ryan MacDougall are joined by Brian Phillips who is responsible for information security at Macy’s. Listen as they discuss how to: build an information security organization, hire the right people, and get buy-in from executives. March 15, 2021
00:09 – Intro 01:54 – Introduction to Brian Phillips 02:44 – Security in a retail environment and impacts from the pandemic 07:25 - How to build an information security organization from the ground up 10:14 – Changing an organization's mindset for better security 14:20 – The most desirable quality in a team member, and how to recognize it in an interview 18:21 – How to nurture an outsider into a security professional 22:48 - How to align corporate security initiatives with business goals 26:38 – The importance of buy-in from the C-level down, and how to get it. 38:13 – Key takeaways that corporations should start doing now 40:17 – Brian’s most respected colleagues 42:14 – Brian's book recommendations Robin Dreke's Books: Joe Navarro’s Books:
44:03 – Conclusion
Direct download: Ep._142__You_Can_Be_Right_and_Still_Be_Wrong_with_Brian_Phillips.mp3
Category:Security Awareness -- posted at: 2:09am EDT |
Mon, 8 March 2021
In this episode, Chris Hadnagy and Maxie Reynolds are joined by ex-FBI Spy Catcher and now world renowned Trust and Rapport expert, Robin Dreeke. Listen in as they discuss the importance of mentoring, TRUST and relationship building. - March 8, 2021 00:09 – Intro 01:43 – Introduction to Robin Dreeke 03:35 – The importance of mentoring 09:37 – The levels of mentoring 11:05 – How to find a mentor 14:18 – How to choose a mentee 18:49 – Building genuine relationships and partnerships 21:11 – Teaching transparency 23:29 – Bringing value to a relationship and exercising transparency 25:45 – Try to understand the reasons behind a person’s actions 33:13 – Figure out what kind of feedback a person needs 36:20 – Making empathy a habit 38:01 – When emotionally hijacked, utilize tactical empathy 41:17 – Is it better to confront or adapt to miscommunication? 47:08 – Robin's current projects and info Human Hacking Conference: https://www.humanhackingconference.com/trainers/robin-dreeke/ 51:51 – Robin's most respected colleagues 52:55 – Robin's book recommendations 56:17 - Outro
Direct download: Ep._141_-_Do_You_Want_to_be_Mentored_with_Robin_Dreeke.mp3
Category:Human Element Series -- posted at: 1:00am EDT |
Mon, 15 February 2021
In this episode, Chris Hadnagy and Ryan MacDougall are joined by industry professional, Julie Rinehart. Julie has spent the last 10 years building and enhancing Fortune 500 enterprise Security Awareness programs. Listen as they discuss using empathy to improve security awareness and the flaws in the “stupid user” philosophy.
00:10 – Intro 01:56 – Introduction to Julie Rinehart 02:28 – How Julie got into the industry 06:21 – Dismantling the “stupid user” philosophy 07:53 – How to interview your employer 10:34 – The biggest milestones in Julie’s career 14:31 – How you can encourage users to report the phish they clicked on 19:22– What we can learn from “people who try to do the right thing and then mess up” 25:25 – The benefits of making security personal 28:34 – Julie's biggest challenges in the industry 30:28 – Increase security awareness using gamification 35:13 – Julie's mentors and most respected colleagues 38:54 - Julie’s podcast recommendations 43:52 – Outro
Direct download: Ep._140__Empathetic_Security_with_Julie_Rinehart.mp3
Category:Security Awareness -- posted at: 1:00am EDT |