Sign in to turn on 1-Click ordering.
More Buying Choices
Have one to sell? Sell yours here
Sorry, this item is not available in
Image not available for
Image not available

Tell the Publisher!
I’d like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Hacking the Human: Social Engineering Techniques and Security Countermeasures [Illustrated] [Hardcover]

Ian Mann
3.4 out of 5 stars  See all reviews (5 customer reviews)
RRP: £76.93
Price: £70.00 & FREE Delivery in the UK. Details
You Save: £6.93 (9%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 2 left in stock (more on the way).
Dispatched from and sold by Amazon. Gift-wrap available.
Want it tomorrow, 27 Oct.? Choose Express delivery at checkout. Details

Book Description

28 Nov 2008
Information security is about people, yet in most organizations protection remains focused on technical countermeasures. The human element is crucial in the majority of successful attacks on systems and attackers are rarely required to find technical vulnerabilities, hacking the human is usually sufficient.Ian Mann turns the black art of social engineering into an information security risk that can be understood, measured and managed effectively. The text highlights the main sources of risk from social engineering and draws on psychological models to explain the basis for human vulnerabilities. Chapters on vulnerability mapping, developing a range of protection systems and awareness training provide a practical and authoritative guide to the risks and countermeasures that are available.There is a singular lack of useful information for security and IT professionals regarding the human vulnerabilities that social engineering attacks tend to exploit. Ian Mann provides a rich mix of examples, applied research and practical solutions that will enable you to assess the level of risk in your organization; measure the strength of your current security and enhance your training and systemic countermeasures accordingly. If you are responsible for physical or information security or the protection of your business and employees from significant risk, then "Hacking the Human" is a must-read.

Special Offers and Product Promotions

  • Between 20-26 October 2014, spend £10 in a single order on item(s) dispatched from and sold by Amazon.co.uk and receive a £2 promotional code to spend in the Amazon Appstore. Here's how (terms and conditions apply)

Frequently Bought Together

Hacking the Human: Social Engineering Techniques and Security Countermeasures + Hacking the Human 2 + Social Engineering: The Art of Human Hacking
Price For All Three: £105.48

Buy the selected items together

Customers Who Bought This Item Also Bought

Product details

  • Hardcover: 266 pages
  • Publisher: Gower Publishing Ltd; illustrated edition edition (28 Nov 2008)
  • Language: English
  • ISBN-10: 0566087731
  • ISBN-13: 978-0566087738
  • Product Dimensions: 17.9 x 2.2 x 25.2 cm
  • Average Customer Review: 3.4 out of 5 stars  See all reviews (5 customer reviews)
  • Amazon Bestsellers Rank: 914,825 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Author

Discover books, learn about writers, and more.

Product Description


Full of ideas and angles that turn day-to-day security management on its head. For years the security business has ground away at technical issues that company boards don't understand...this book lays open the reality of 'real' security - the security that the CEO understands and worries about. So much about security these days is about fighting mythical hackers using ever-more expensive and poorly-understood gadgetry. As the UK's leading 'white hat' social engineer, Ian Mann has written the definitive text for anyone interested in actually protecting something. The book addresses the 'elephant in the room' that has quietly undermined so much of our efforts. In the past, this issue was used to justify not worrying about security - after all - no matter what we do with the firewalls, someone could just walk in through reception, right? This book sets that straight: Our biggest security worry can be addressed, and in a way that brings the whole subject to life. --Jon Pumfleet, Head of Information Security

About the Author

Ian Mann is Senior System Consultant with ECSC Ltd (www.ecsc.co.uk) a specialist information security consultancy. Ian has worked with a wide range of companies, including a number of leading financial institutions, to help them understand the risk from attacks by social engineers, and to develop effective countermeasures. He is also known for his presentations on the subject.

Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

What Other Items Do Customers Buy After Viewing This Item?

Customer Reviews

Most Helpful Customer Reviews
4 of 4 people found the following review helpful
5.0 out of 5 stars The forgotten part of Information Security 2 Mar 2009
By A J R
As an information security professional of several years we have always focused on the technical controls to protect the data of an organisation, however the issues that occur in real-life occur in the people through either mistakes or malicious behaviour. It's a matter of when something will happen rather than if and that is where the book focuses.

This book looks at the forgotten child of the information security world, "the person". It goes through the vulnerabilities of them in detail with countless examples which when you read them will make you laugh, until you realise that this could happen in any organisation on any day. Have we ever seen anything go wrong from Information Security without a person interacting somewhere? It looks at the conditioning, the way people learn and their expectations and how easy it can be to prey on what they think.

Once it goes through the vulnerabilities of people it then starts to look at the solutions and the way to become people focused from an Information Security standpoint.

As a book it is a real eye-opener because it makes you stop and think about the vulnerabilities once all the technical controls have been put in place. If you are working within I.S. this book is a great guide as to how to align the people and reduce the risk of something embarrassing happening to you!
Comment | 
Was this review helpful to you?
2 of 2 people found the following review helpful
4.0 out of 5 stars Informative - for Security Professionals 13 Feb 2009
If you are responsible for information security then Hacking the Human makes a refreshing and thought provoking change from traditional security books which frequently focus on technical and physical countermeasures.

The author demonstrates the importance of risk assessing the often overlooked human vulnerability resident within our organisations. People (humans) are regularly targeted and deceived by social engineering techniques however there is very little useful information published for security and IT professionals regarding the exploitation of human vulnerabilities.

With plenty of examples and suggested mitigations this book is a well researched and authoritative guide to 'hacking the human' which will enable security professionals to make more informed security risk assessments.

Whether you get into the NLP content of the book or not you will think differently about your current security and its effectiveness when you realise it might just be bypassed by someone simply carrying a cup of coffee with an air of confidence!
Comment | 
Was this review helpful to you?
2 of 2 people found the following review helpful
4.0 out of 5 stars A refreshing change 20 Feb 2009
This book redresses the balance by examining an area of security which is often overlooked - you and me! - concentrating on that well known weakest link - people. It adds a new element to risk assessments, and provides numerous examples of how easily we can all fall victim to scams, which can undermine the many and costly technical controls which we deploy. The content balances the sometimes complex technical volumes aimed at developing our understanding of threats and vulnerabilities and how to control them. Such books on security tend to omit, or gloss over, the people factor - we are reminded that the strongest doors and technical controls are of little use if we do not ensure that the person we are dealing with is who they claim to be.
The author's dry sense of humour lightens the theory which helps the reader understand why criminals utilise such tactics, and how we are pre-programmed to fall for them. Some good reference material for anyone involved in security awareness training.
Comment | 
Was this review helpful to you?
5 of 8 people found the following review helpful
3.0 out of 5 stars Disappointing 4 Feb 2009
This book was a pretty big disappointment, especially with such a big price tag. The introduction starts off very promising but the remainder of the book fails to deliver. I am not a security professional so I can't really comment about the countermeasures section, but as somebody with a big interest psychology and social engineering, this book was a big let down. The section on language is just a brief summary of some principles from NLP, which is completely unsupported by science, despite his claims that the book will show scientifically verified principles of manipulation. More time and effort spent on silly charts etc than content.
If you havent read The Art of Deception, read that. If you have, dont bother buying this book as further reading like I did, you will be disappointed.

I would point readers in the direction of 'Yes! 50 secrets from the science of persuasion" and "Influence: science and practice" by the legendary R. Cialdini for more information on influence.

This subject area is definitely in need of another book to follow on from Art of Deception, this is certainly not it. Save yourself the money.
Comment | 
Was this review helpful to you?
0 of 10 people found the following review helpful
1.0 out of 5 stars I didnt understand the title 23 Jan 2011
By R N N
I didnt really understand the title. I probably shouldnt have bought the book.
The title shouldnt have been so confusing.
Comment | 
Was this review helpful to you?
Would you like to see more reviews about this item?
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
First post:
Prompts for sign-in

Search Customer Discussions
Search all Amazon discussions

Look for similar items by category