Episode 4

Published on:

21st Jul 2021

The Human Vulnerability Factor

A widely reported 2019 survey found that 99% of the attacks are focused on exploiting human vulnerabilities by targeting people instead of computer systems and infrastructure. Some of the most significant data breaches were carried out after stealing login credentials from human actors. Jenny Radcliffe, also known as “The People Hacker,” a world-renowned Social Engineer, provides some fascinating insights and stories regarding the human factor in cybersecurity. She discusses the various challenges of dealing with human vulnerabilities, provides specific recommendations on how to reduce such risks, gain top management buy-in, and more.

Memorable Jenny Radcliffe Quotes/Statements

"Properly use the security that you already have in place. A lock doesn’t work unless we turn the key."

"People really need to know what they need to do when they see something suspicious."

"The real vulnerability is in our humanity; the fact that we are human. We are vulnerable to cognitive biases, and errors, and they can be weaponized by someone with malicious intent."


3:23 -- What are the challenges in dealing with human vulnerabilities?

6:07 –- What are some specific recommendations on how to reduce the human vulnerability risk?

12:09 -- What kind of senior executive buy-in do you see when talking with companies? Buy-in from the standpoint of focusing on the human vulnerability factor.

17:12 –- Given your experience as an ethical hacker, is there a story (about exploiting human vulnerability) that you can share?

28:25 -- What are organizations doing to incentivize security-driven disciplined behavior?

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Show artwork for The Cybersecurity Readiness Podcast

About the Podcast

The Cybersecurity Readiness Podcast
with Dr. Dave Chatterjee
The Cybersecurity Readiness podcast serves to have a reflective, thought-provoking and jargon free discussion on how to enhance the state of cybersecurity at an individual, organizational and national level. Host Dr. Dave Chatterjee converses with subject matter experts, business and technology leaders, trainers and educators and members of user communities. He has been studying cybersecurity for over a decade. He has delivered talks, conducted webinars, consulted with companies and served on a cybersecurity SWAT team with CISO's. He is an Associate Professor of Management Information Systems at the University of Georgia and Visiting Professor at Duke University.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

About your host

Profile picture for Dave Chatterjee

Dave Chatterjee

Dr. Debabroto 'Dave' Chatterjee is tenured professor in the Management Information Systems (MIS) department, at the Terry College of Business, The University of Georgia (UGA). He is also a Visiting Scholar at Duke University, affiliated with the Master of Engineering in Cybersecurity program in the Pratt School of Engineering. An accomplished scholar and technology thought leader, Dr. Chatterjee’s interest and expertise lie in the various facets of information technology management – from technology sense-making to implementation and change management, data governance, internal controls, information security, and performance measurement. His work has been accepted and published in prestigious outlets such as The Wall Street Journal, MIT Sloan Management Review, California Management Review, Business Horizons, MIS Quarterly, and Journal of Management Information Systems. Dr. Chatterjee’s research has been sponsored by industry and cited over two thousand times. His book Cybersecurity Readiness: A Holistic and High-Performance Approach was published by SAGE Publishing in March 2021.