Episode 4

The Human Vulnerability Factor

A widely reported 2019 survey found that 99% of the attacks are focused on exploiting human vulnerabilities by targeting people instead of computer systems and infrastructure. Some of the most significant data breaches were carried out after stealing login credentials from human actors. Jenny Radcliffe, also known as “The People Hacker,” a world-renowned Social Engineer, provides some fascinating insights and stories regarding the human factor in cybersecurity. She discusses the various challenges of dealing with human vulnerabilities, provides specific recommendations on how to reduce such risks, gain top management buy-in, and more.

Memorable Jenny Radcliffe Quotes/Statements

"Properly use the security that you already have in place. A lock doesn’t work unless we turn the key."

"People really need to know what they need to do when they see something suspicious."

"The real vulnerability is in our humanity; the fact that we are human. We are vulnerable to cognitive biases, and errors, and they can be weaponized by someone with malicious intent."

Timestamps

03:23 -- What are the challenges in dealing with human vulnerabilities?

06:07 –- What are some specific recommendations on how to reduce the human vulnerability risk?

12:09 -- What kind of senior executive buy-in do you see when talking with companies? Buy-in from the standpoint of focusing on the human vulnerability factor.

17:12 –- Given your experience as an ethical hacker, is there a story (about exploiting human vulnerability) that you can share?

28:25 -- What are organizations doing to incentivize security-driven disciplined behavior?


Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

About the Podcast

Show artwork for The Cybersecurity Readiness Podcast Series
The Cybersecurity Readiness Podcast Series
with Dr. Dave Chatterjee

About your host

Profile picture for Dave Chatterjee

Dave Chatterjee

Dr. Debabroto 'Dave' Chatterjee is tenured professor in the Management Information Systems (MIS) department, at the Terry College of Business, The University of Georgia (UGA). He is also a Visiting Scholar at Duke University, affiliated with the Master of Engineering in Cybersecurity program in the Pratt School of Engineering. An accomplished scholar and technology thought leader, Dr. Chatterjee’s interest and expertise lie in the various facets of information technology management – from technology sense-making to implementation and change management, data governance, internal controls, information security, and performance measurement. His work has been accepted and published in prestigious outlets such as The Wall Street Journal, MIT Sloan Management Review, California Management Review, Business Horizons, MIS Quarterly, and Journal of Management Information Systems. Dr. Chatterjee’s research has been sponsored by industry and cited over two thousand times. His book Cybersecurity Readiness: A Holistic and High-Performance Approach was published by SAGE Publishing in March 2021.