Christina Lekati Speaking Topics

• Information Security Is Up Against Weaponized Psychology

  Social Engineering has become one of the most effective and efficient attack methods used to initiate and enable cyber attacks. We read in the news about large-scale security violations, where investigators are not able to understand the phase of initiation. Most often, a social engineering attack is involved. By design, this is the type of attack that moves in the shadows, delivered by criminals and state-sponsored agents that are able to blend in multiple environments and often leave no trace, making it very difficult to identify the point of initial compromise. Similar to warfare operations, these threat actors strive to create an asymmetrical advantage based on a carefully planned strategy.

  Cybersecurity today is not only a technical challenge.

  It is also a behavioural challenge. As long as executives, managers and employees can provide access to critical assets, systems, and data, attackers will be targeting them through social engineering schemes in order to acquire this access. Those who have access to technology and organizational assets have also become responsible for protecting those assets. Do you or your colleagues make the perfect target?

  Weaponized psychology has started becoming a tool employed to infiltrate organizations in the public and private sectors, steal sensitive information, recruit insiders, and help attackers breach organizational security.

  This talk provides insights on the mechanisms and the methodology of today’s elaborate social engineering attacks and explains the increasingly growing threat of weaponized psychology. It will also discuss how attackers elicit information that assists them in initiating or delivering an attack. The talk will include case studies and lessons learned on the use of weaponized psychology from the fields of business and human intelligence operations (HUMINT) in social engineering and in recruiting insider threats, as well as what makes some targets more attractive than others.

• How Cyber Attackers Profile & Target Key People Through Social Media

  While to the rest of the world social media are friendly platforms of communication and sharing, for cyber attackers & malicious social engineers, they are targeting and information harvesting platforms. Even though social media do not always demonstrate our true personalities, they do demonstrate the way we want to be viewed and treated by others. This can be a lot more useful for attackers and social engineers who tailor their approach to their targets and lure them in through their victims’ personal wants and needs. In our social media profiles, we "leak" behavioral tendencies and characteristics that provide significant intelligence for any type of operation targeting humans.

  The talk covers the topic of information gathering through social media intelligence (SOCMINT), and explains how even seemingly innocent information can be used to manipulate or influence targets. Case studies will be provided.

  It also discusses the art & science of profiling, along with its limitations for social engineering. A two-part demonstration is included on how a profiler’s mind works when harvesting information on social media:

  The first part includes real examples of posts that expose vulnerabilities, attract attackers and ultimately can be exploited and lead to a security breach.

  The second part dives deeper and demonstrates how the information found on a social media profile (from the pictures to the words used by an individual in their captions) are gathered, categorized into a profiling matrix and then analyzed, bringing into the surface a personality profile. The target's profile can then provide actionable intelligence that increases the success of attacks, or attack simulations.

  Real life case examples will be provided.

The Behavioral Science Influencing Your Cybersecurity Culture

What does it take from a cybersecurity professional to be heard in their organization and spread their message about the importance of cybersecurity to both the leadership and the other employees? And if that wasn’t already hard enough, what does it take to lead behavior change and build a cybersecurity culture? It has become clear that technical cybersecurity measures need to operate in harmony with, and to be applied from people. Today’s employees need to practice good cyber security habits to protect the assets they handle and their organization. However convenience, productivity requirements, and other organizational realities are often competing in people’s heads; and it makes them conclude that cybersecurity is simply an “inconvenience” that they soon decide to ignore. On the other hand, security professionals -who were originally focused on securing technology alone, are now tasked with a vastly different requirement: to lead behavioral change within their organization. This topic discusses the psychological elements & behavioral science involved in shifting the user’s perspectives towards cybersecurity and driving behavior change. It discusses what drives motivation, people’s perception of risk & reward, the psychology of willful compliance, and more.

Ultimately, this topic helps security managers & executives to more effectively communicate & implement the necessary cybersecurity requirements that employees need to practice within their organization.

When Your Biggest Threat is on Your Payroll: Drivers & Enablers of Insider Threats

It is an irony in organizational security: Although so much capital is invested in the protection of the organizational assets against external threats, some of the largest compromises have occurred as a result of insider threats, sometimes resulting in irrecoverable damage, reputation risk, and liability. This type of threat is more important for organizations that are part of the critical infrastructure and industries where intellectual property and the protection of sensitive information are critical elements for their operations. Employees in security-focused environments learn to treat outsiders with suspicion and to maintain trust boundaries. However, it is often the case that once an “outsider” enters the payroll of an organization they are given a "carte blanche" in terms of trust and disclosure of information. They are now treated as the "insiders" that they are• members of the same tribe, fighting and working towards the same goals and using their skills to benefit their organization. Employees do not always realize that some “colleagues” consider the exploitation of organizational weaknesses a high-reward activity that serves their personal interests better than loyalty to the employer.

This presentation aims to shed light on the challenging topic of insider threats. It will discuss the motives that lead employees to unauthorized disclosure of sensitive information, process corruption, electronic sabotage, and/or the facilitation of third-party access to organizational assets. Research has repeatedly found a clear link between insider activity taking place and exploitable weaknesses in an organization’s security and management processes. Therefore, this talk will go on discussing the organizational factors enabling insider threat operations as well as countermeasures against them, by combining the lessons learned on insider activity prevention from the fields of counterintelligence, psychology, and cyber-security.