BSides Berlin 2021: Sourya Biswas - Psychology of the phish

About the talk: According to the X-Force Threat Intelligence Index 2020, produced by IBM X-Force Incident Response and Intelligence Services, phishing is still the number one attack vector in use today. Security professionals often overlook the “social” aspect of “social engineering”, focusing on tool deployment instead. The success of phishing is predicated on exploiting normal human behavior for nefarious purposes. This session looks at phishing through this psychological lens, specifically on how the Seven Principles of Influence as expounded by Robert Cialdini are leveraged by attackers. About the speaker: Sourya is a Principal Security Consultant in the Risk Management & Governance (RM&G) practice at NCC Group, a security consulting firm headquartered and listed in the UK with a major and growing US subsidiary. He has 16+ years of experience in Information Risk and Security, and hold an undergrad degree in Information Technology from IIIT Calcutta and an MBA from the University of Notre Dame. He has several articles on cloud computing available online and served as technical editor for an authoritative textbook on the subject. He is a certified CISSP, CCSP, CISA, CISM, CRISC, CGEIT, PMP and also has several ITIL Intermediate certifications. He has spoken at BSidesSF, BSidesCT, BSidesOK, ISACA Conference, Secure360 and InfoSec World among others. His first job is being a father to two adorable and naughty munchkins, 4 and 3 years old.