We did something which I think was quite a novelty in our Cyber Security “Creating a Human Firewall” workshop. We tried to identify who is hackable among the participants in our workshop. And the participants loved it!

I know it sounds weird! Who in the right mind would want to volunteer themselves and admit to everyone they are hackable, a ripe target that could ruin a company! What more, if their colleagues are also in attendance and god forbid that one of them is his/her boss, it could very well jeopardize office relationships and even career progression.

But in all honesty, we are all subject to being hacked nowadays. Even government agencies and financial institutions fall victims. This is because in every single day, we hear of ever more creative ways of hacking people. Long gone are the days of a Nigerian Prince looking for somewhere to park his millions is enough to fool us into falling into the scams. Now its website spoofing – sites looking exactly like your local bank’s where you are to reset your passwords for unknown reasons, or the tax collector saying that your name has been triggered by the system as someone in default.

The bad news is the greatest threat landscape is now aimed at the very people who work in an organization. In order to do this, scammers tend to find those which a certain profile. This could be a new hire or an intern, the security guard, the help desk crew, people under pressure due to datelines, the helpful co-worker, HR, Accounts, PA to the CEO or CFO etc. Frankly, its anybody!

Coming back to our workshop, we profiled the participants and debriefed them what their results meant. We measure their cognitive profiles and motivations and cross-referenced it with their personality profile to get a holistic understanding of who they really are. Armed with the insights of who they really are, we played it against a few case studies of social engineering. We handed out scripts to the participants and they role-played it based on the actual actors that was involved (although we took some liberty in dramatizing it a bit!). And then asked them whether there was a possibility that they could be tricked to fall victim of the same scam.

To our surprise, most of them felt they were susceptible of getting socially engineered by hackers. What was more surprising was that we found that most of the reasons that people were able to be socially engineered is the type of persuasion tactics used by hackers. Many of the tactics were so influential that even highly professional people were not immune to be socially engineered.

There were so much demand for us to do the workshop again. The good news is we are doing it again on the 7-8 December 2023 with new and updated modules. If you need more details on this, email us at mindsights.consulting@gmail.com or whatsapp at 011.3992.5201 or register below.

Wednesday – Thursday, 7-8 December 2022,

Venue: Biz Academia, 911 Block F, Phileo Damansara No.9 Seksyen 16/11, Off Jalan Damansara, 46350 Petaling Jaya, Selangor, Malaysia.