How would you engineer your own organization? What does your organization have of ‘value’ to others? How would you attempt to penetrate your own physical security?
Boston, MA (PRWEB) March 25, 2010
ZeroPoint Risk Research LLC, the Boston-based risk management research and consulting firm, takes an in-depth look at the tactical and strategic volatilities of threats and risks indigenous to any enterprise, large or small, worldwide. Jeff Bamberger, Executive Research Fellow, has launched an ongoing series of blogs on the ZeroPoint Risk Research web site, Tales of a Social Engineer, addressing issues that range from an employee’s nefarious motivations to stakeouts; bypassing physical security; theft of products, personally identifiable information, as well as intellectual property and trade secrets. Defending against social engineering is a vital aspect of computer security breaches and regulatory compliance.
According to Jeff, “The series includes, but is not limited to, theft of non-public personal information, financial information, confidential corporate information, and physical assets of value.” He describes a successful social engineer as someone who must analyze the place and function of people and other physical controls in an attempt to stop activities that threaten the enterprise. “As much as it may be counterintuitive to you, think like a criminal. How would you engineer your own organization? What does your organization have of ‘value’ to others? How would you attempt to penetrate your own physical security?”
“Tales of a Social Engineer is intended to help the enterprise add tools to its organizational toolbox, including social engineering techniques, controls, and threat and risk analysis and management,” Jeff explained. “In addition to discussing techniques which I have previously utilized, I also take a look at some of the root causes and issues which I have been able to take advantage of and subsequently utilize to succeed in my efforts.”
ZeroPoint Risk Research LLC, http://www.ZeroPointRisk.com, advises clients and develops solutions for managing information integrity in an increasingly hostile world, including regulatory, legal, financial and reputation risk. The firm also developed ETX PRISM™, the Enterprise Threat Index for Predictive Risk Impact Scenario Modeling™, a software and risk methodology designed to reduce intellectual property and trade secret theft, identity theft and mitigate organizational risk. http://www.ZeroPointRisk.com/blog.
Susan Shea, Media Relations Director
Web site: http://www.ZeroPointRisk.com