The Social-Engineer Podcast

This month, Chris Hadnagy and Ryan MacDougall are joined by Ted Harrington. Ted is the author of HACKABLE: How to Do Application Security Right and the Executive Partner at Independent Security Evaluators (ISE), the company of ethical hackers famous for hacking cars, medical devices, and password managers. Ted has been named both Executive of the Year by the American Business Awards and an SD Metro 40 Under 40 entrepreneur. Ted has been featured in more than 100 media outlets, including The Wall Street Journal, Financial Times, and Forbes. [June 20, 2022] 

00:00 – Intro 

00:56 – Intro Links 

02:32 – Ted Harrington Intro 

03:21 – How did you start off in this industry? 

06:15 – Explain it like I'm 12 years old 

07:59 – The origins of ISE  

09:32 – Is there a "perfect" Password Manager? 

14:11 – How to communicate at the executive level 

16:54 – The right and wrong ways of investing in security 

25:17 – Responsible Disclosure 

29:04 – The challenges of the Medical Device field 

32:39 – The problem with legislation driving security  

34:20 – The manufacturers’ role in safety and security  

36:00 – Who is the book "Hackable" for? 

38:05 – Find Ted online 

38:37 – Book Recommendations 

41:04 – Who is your biggest mentor? 

45:35 – Wrap Up  

46:17 – Outro 


Today Chris is talking with Clay Drinko, Ph.D. Clay is an author and educator. He writes for Psychology Today about the intersection between improv comedy, science, and everyday life. He's also the author of the first academic book connecting improv and cognitive science, Theatrical Improvisation, Consciousness, and Cognition. His most recent book, Play Your Way Sane, was published by Simon & Schuster last year and applies his improv research to everyday life. [June 14, 2022] 

00:00 – Intro 

02:27 – Clay Drinko intro 

03:27 – How does someone in Improv decide to study Cognitive Science? 

05:46 – Losing anxiousness through performance 

07:34 – The importance of a shift in focus 

08:52 – Active Listening 

11:41 – Yes, and... 

14:01 – Don't try to be funny 

15:54 – Establishing "who" and "where" you are 

18:57 – How do you apply Cognitive Science to the idea of improv? 

21:56 – Leaving your "baggage" at the door 

25:13 – Managing the negative 

26:40 – What are the biggest life skills you've learned from improv? 

28:13 – Reflective questioning - Empathy or Selfishness? 

31:03 – You are not special 

34:29 – Do you want my help? 

37:37 – Find Clay Drinko online 

38:13 – Book Recommendations: 

40:34 – Who would you consider your biggest mentors? 

43:14 – Guest Wrap Up 

44:04 – Outro 


This month, Chris Hadnagy and Ryan MacDougall are joined by Adam Glick. Adam is currently the Chief Information Security Officer for SimpliSafe in Boston, MA. In this position and his previous jobs, Adam has had the responsibility of managing all matters pertaining to information security, risk, policy, and procedures. Adam is currently an adjunct professor at Boston College in the cybersecurity policy & governance program, and an adjunct professor of IT in the MBA program at the School of Business at Providence College. Outside of the office, he is a car and technology enthusiast along with an avid reader, hiker, cyclist, and Brazilian Jiu-Jitsu practitioner.  

[May 16, 2022] 

00:00 – Intro 

00:56 – Intro Links 

02:52 – Adam Glick Intro 

04:05 – How did you get started in Information Security? 

05:10 – Applying a background in teaching to InfoSec 

06:37 – Developing security programs for different environments 

08:14 – Getting people to think about security 

09:32 – Microtraining: Updating the way that we train for security 

12:10 – The importance of security in our Professional and Personal lives 

14:28 – Customizing security training for large companies 

15:29 – Approaching security from a Top-Down perspective 

17:20 – Getting top management to support security training 

20:55 – Action steps for companies to focus on 

  • Cyber Hygiene 
  • Risk Based Methodology 

23:22 – How can companies assess their own risk? 

26:55 – Internal interviews to build security protocols 

28:47 – Jiu Jitsu Security??? 

29:58 – How to contact Adam online 

31:19 – Who are your greatest mentors? 


Today we will be talking with Abbie Maroño, a nonverbal communications and social influence coach. Abbie published her first paper in nonverbal communication at 19 years old, going on to do her PhD in behavior analysis and become a university lecturer at 23. She now directs a research group, BRINC, alongside her coaching and teaching. [May 9, 2022] 

00:00 – Intro 

04:47 – At what point in your life did you want to become a Nonverbal expert? 

06:56 – The reality of getting to where you want to be 

08:39 – What kept you going after rejections? 

11:15 – How does a person learn to find their passion? 

14:06 – How did you decide to make Nonverbal Communications a career? 

17:53 – How important is Open VS Closed Body Language? 

23:00 – What is orientation and why does it matter? 

27:49 – The role of body language in a virtual setting 

33:30 – The "perception" of eye-contact in a video call 

35:31 – Find Abbie Maroño on the web 

36:05 – New Job Announcement 

38:16 – Who would you consider your biggest mentors? 


This month, Chris Hadnagy and Ryan MacDougall are joined by Patrick Laverty. Patrick is the Senior Team Lead at Social Engineer, LLC, working with an incredible team of professional social engineers. He was previously a senior penetration tester at Rapid7 and a member of the CSIRT at Akamai. He is a co-organizer of the Layer 8 Conference and is the host of the Layer 8 Podcast on social engineering and OSINT. He lives in Rhode Island with his daughter, dog and two cats. [April 18, 2022] 

00:00 – Intro 

00:50 – Patrick Laverty intro 

02:19 – Intro Links 

04:38 – Security Awareness in the world today 

05:25 – Malicious Domain Registrations 

06:58 – Protecting yourself from false domains 

11:24 – CISA Alert / Shields Up 

12:36 – Lowering Reporting Thresholds 

13:33 – Empowering Security Information Officers 

16:50 – Tabletop Exercises 

19:20 – Planning for Continuity 

21:09 – Beyond the Financial Effects of Ransomware 

24:29 – Trying to protect the Healthcare Sector 

25:27 – Backup & Recovery Process 

28:38 – The source of Ransomware 

30:03 – Planning for a Ransomware attack 

31:51 – Why your site will be attacked 

33:41 – 3 Actionable Tips 

35:30 – Book Recommendations 

38:20 – Wrap Up  

39:18 – Outro 


Today we will be talking with Vanessa Bohns. Vanessa is a social psychologist and professor of organizational behavior at Cornell University. She holds a PhD from Columbia University and an AB from Brown University. Her writing has appeared in the New York Times, Wall Street Journal, and Harvard Business Review, and her research has been widely featured in the media, including The Wall Street Journal, The New York Times, The Atlantic, The Economist, and on NPR’s Hidden Brain. Her first book, You Have More Influence Than You Think, was just published in September 2021. [April 11, 2022]

00:00 – Intro

01:53 – Vanessa Bohns intro

02:43 – How did you make Social Influence your field?

05:48 – Why do we assume people will be negative when we make a request?

08:01 – The surprising results of asking for things

11:12 – We are wired to be agreeable

13:34 – What are the security implications of our default attitudes?

16:59 – What are the consequences of underestimating your own influence?

19:32 – Understanding how the situation can influence ethics

21:05 – What would you say is your favorite find?

21:48 – Enlisting someone to influence their ethics

24:00 – Paying attention to the human side of security

25:04 – What is your next study?

27:11 – The importance of a predefined script

28:54 – Will "keywords" change a person’s sense of agreeability?

30:10 – Recognizing your own influence

31:41 – Who would you consider some of your biggest mentors?

  • Frank Flynn – Professor
  • Father

33:39 – Book Recommendations:

35:47 – Guest Wrap Up

36:17 – Find Vanessa Bohns on the web

36:49 – Outro

 


This month we are joined by Dr. Camille Preston, who is the CEO and founder of AIM Leadership. Since founding AIM Leadership in 2004, she has worked with leaders across sectors and the capital stack. As a business psychologist, Camille brings research and insights from psychology, neuroscience, and business to her work. Whether supporting Fortune 500 leaders, startup founders, or C-suite executives in healthcare, Camille's sweet spot is helping uncover hidden barriers to increase the capacity to optimize, innovate, and manage change.   

In addition to working as a coach and business psychologist, Camille is author of two books, a regular contributor to several established publications in the business and psychology fields, and the author of a growing library of actionable resource tools.  

A life-long challenge seeker, Camille has lived on four continents, worked on six, and traveled extensively. [March 14, 2022] 

 

00:00 – Intro 

01:25 – Dr. Camille Preston Intro

02:43 – How did you get into this?

05:02 – The Journey to Awareness & Mindfulness

06:39 – Building Mindfulness

08:32 – Horizontal VS Vertical Development

10:00 – Gateways of Vertical Development

11:41 – Owning Mistakes

14:02 – Planning For Problem Solving

15:12 – Building Trust

16:21 – Authentic Connections in a Virtual World

19:24 – Mental Health Pandemic

21:25 – The Importance of Great Leadership

22:41 – Integrating Head and Heart

23:53 – What makes someone “all heart”?

26:51 – The Importance of Leaving Your Country

29:45 – Who are your greatest mentors? 

33:36 – Book Recommendations: 

35:21 – Guest Wrap Up 

35:37 – Outro 


This month Chris Hadnagy and Ryan MacDougall are joined by Kathleen (Kate) Mullin. Kate is an influential information security practitioner with over 30 years of experience. Kate currently is CISO with Cancer Treatment Centers of America.  Kate has been CISO at various organizations including start-ups, publicly traded, private equity, not-for-profit, and governmental entities. Throughout her career, Kate has volunteered and participated in maturing information security as a profession. She volunteers with ISC(2) and ISACA and has been a member of the ISACA CGEIT Certification and Credentials Committee and a chapter president. Kate serves as a featured international speaker and panelist. She has a BSBA from St Joseph’s College and an MBA from Florida Metropolitan University. Kate is also certified as a Master Level Social Engineer. [February 21, 2022] 

00:00 – Intro 

03:09 – Kathleen Mullin intro 

04:25 – How did you get started in Information Security? 

06:39 – What are some indicators that tell you something is ineffective?

10:21 – Do you think the “cookie cutter” type of training is a reflection on the security awareness team itself? 

12:16 – How can you offer the more personalized training to a company that is spread out all over the U.S. or the globe? 

16:31 – Is having someone in this position who is focused on the people and the results the way to go about having the program be successful? 

18:09 – What are your major security concerns being in the healthcare industry, and how are you dealing with those? 

21:08 – We are seeing SMishing attacks becoming more prevalent in general. Are you seeing that happening in your industry? 

22:47 – Caring about employees’ security outside of work as well 

23:35 – What are some action steps that any company can start doing right now? 

  • Have metrics and measure training effectiveness 
  • Humanize your training 
  • Incremental steps 
  • Care about your users for real 

26:11 – Demoralizing phishing techniques 

28:15 – Book Recommendations: 

30:13 – Who would you consider your greatest mentor? 

34:27 – Finding Kate on the web: 

35:17 – Guest Wrap Up 

36:00 – Outro 


This month Chris Hadnagy and Ryan MacDougall are joined by John Strand from Black Hills Information Security. John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is a coveted speaker and much-loved SANS teacher. John is a contributor to the industry-shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He enjoys mountain biking, getting hurt mountain biking, sucking at surfing, and heavy music. [January 17, 2022]

00:00 – Intro 

 

02:40 – John Strand Info 

03:31 – ILF

04:51 – Ryan intro

06:30 – Chat about Chris getting his company started

08:21 – How did you get started with your own company?

12:17 – Cows

14:56 – The idea of travel and never seeing your family

15:57 – What was the point where you started to feel “this company is going to work”?

18:35 – Creating company loyalty

22:06 – “Pay What You Can” training

30:22 – More on how the pandemic changed workflow

34:03 – More on pay-what-you-can training – management of 5,000 people

41:41 – How can someone take action right now?

44:59 – Favorite Books

47:55 – Who is your biggest mentor?

51:34 – Guest Wrap-Up

52:30 – Outro

 

 


This is a special edition of Social-Engineer's Human Element Series Podcast.  Chris Hadnagy will discuss Covid-19 testing site scams, and how you can protect yourself against them. [January 14, 2022]

 

00:00 – Intro

00:21 – Covid-19 Testing Site Physical Scams

05:46 – Other types of scams during Covid-19

06:44 – Outro

 


This month Chris Hadnagy is joined by the fascinating Amy Herman. Amy is a lawyer and an art historian who uses works of art to sharpen observation, analysis, and communication skills. She developed her Art of Perception seminar in 2000 and since then has worked with the New York City Police Department, the FBI, Department of Defense, Fortune 500 companies and more. She is also a TED speaker and an author of 2 books. Her latest book, “Fixed: How to Perfect the Fine Art of Problem-Solving,” was just released in December of 2021. She is also going to be bringing her fascinating training seminar to the Human Behavior Conference this March! [January 10, 2022]

 

00:00 – Intro 

02:39 – Amy Herman Intro

04:17 – Tell us how you got to where you are today 

07:12 – How did you get to the conclusion where two different people from the same class have different needs? 

10:00 – Is there an equation or secret about how an everyday person can use that skill?

13:33 – Amy's new book, “Fixed”

15:00 – How did you come up with the concept of this book? 

18:00 – What is the hope you want for people who read this? 

19:52 – How has the past 18 months changed the concepts of visual intelligence? 

25:55 – Are you going to keep virtual training? 

29:50 – Being more empathetic and finding common ground 

32:31 – Can you explain “pertinent negative” from your book? 

35:34 – Tell the story about your book cover 

40:36 – Besides yours what are some of your favorite books? 

Website:  www.artfulperception.com 

Instagram: @AmyHermanAOP 

