Learn more Download now Shop now Learn more Shop now Shop now Shop now Shop now Shop now Shop now Shop now Shop now Learn More Shop now Shop now Shop now Learn more Shop Fire Shop Kindle Moana - Listen with Prime Shop now Shop Women's Shop Men's

on 2 March 2009
As an information security professional of several years we have always focused on the technical controls to protect the data of an organisation, however the issues that occur in real-life occur in the people through either mistakes or malicious behaviour. It's a matter of when something will happen rather than if and that is where the book focuses.

This book looks at the forgotten child of the information security world, "the person". It goes through the vulnerabilities of them in detail with countless examples which when you read them will make you laugh, until you realise that this could happen in any organisation on any day. Have we ever seen anything go wrong from Information Security without a person interacting somewhere? It looks at the conditioning, the way people learn and their expectations and how easy it can be to prey on what they think.

Once it goes through the vulnerabilities of people it then starts to look at the solutions and the way to become people focused from an Information Security standpoint.

As a book it is a real eye-opener because it makes you stop and think about the vulnerabilities once all the technical controls have been put in place. If you are working within I.S. this book is a great guide as to how to align the people and reduce the risk of something embarrassing happening to you!
0Comment| 4 people found this helpful. Was this review helpful to you? Report abuse
on 20 February 2009
This book redresses the balance by examining an area of security which is often overlooked - you and me! - concentrating on that well known weakest link - people. It adds a new element to risk assessments, and provides numerous examples of how easily we can all fall victim to scams, which can undermine the many and costly technical controls which we deploy. The content balances the sometimes complex technical volumes aimed at developing our understanding of threats and vulnerabilities and how to control them. Such books on security tend to omit, or gloss over, the people factor - we are reminded that the strongest doors and technical controls are of little use if we do not ensure that the person we are dealing with is who they claim to be.
The author's dry sense of humour lightens the theory which helps the reader understand why criminals utilise such tactics, and how we are pre-programmed to fall for them. Some good reference material for anyone involved in security awareness training.
0Comment| 2 people found this helpful. Was this review helpful to you? Report abuse
on 13 February 2009
If you are responsible for information security then Hacking the Human makes a refreshing and thought provoking change from traditional security books which frequently focus on technical and physical countermeasures.

The author demonstrates the importance of risk assessing the often overlooked human vulnerability resident within our organisations. People (humans) are regularly targeted and deceived by social engineering techniques however there is very little useful information published for security and IT professionals regarding the exploitation of human vulnerabilities.

With plenty of examples and suggested mitigations this book is a well researched and authoritative guide to 'hacking the human' which will enable security professionals to make more informed security risk assessments.

Whether you get into the NLP content of the book or not you will think differently about your current security and its effectiveness when you realise it might just be bypassed by someone simply carrying a cup of coffee with an air of confidence!
0Comment| 2 people found this helpful. Was this review helpful to you? Report abuse
on 20 August 2015
A little over a decade ago, I bought a 55 gallon drum of lube. I never thought I’d use it all but a few days ago the pump finally ran dry. I‘ve had a lot of good times with it. My wife, too. And not just what you’d think. The book was good too.
0Comment|Was this review helpful to you? Report abuse
on 4 February 2009
This book was a pretty big disappointment, especially with such a big price tag. The introduction starts off very promising but the remainder of the book fails to deliver. I am not a security professional so I can't really comment about the countermeasures section, but as somebody with a big interest psychology and social engineering, this book was a big let down. The section on language is just a brief summary of some principles from NLP, which is completely unsupported by science, despite his claims that the book will show scientifically verified principles of manipulation. More time and effort spent on silly charts etc than content.
If you havent read The Art of Deception, read that. If you have, dont bother buying this book as further reading like I did, you will be disappointed.

I would point readers in the direction of 'Yes! 50 secrets from the science of persuasion" and "Influence: science and practice" by the legendary R. Cialdini for more information on influence.

This subject area is definitely in need of another book to follow on from Art of Deception, this is certainly not it. Save yourself the money.
0Comment| 5 people found this helpful. Was this review helpful to you? Report abuse
on 23 January 2011
I didnt really understand the title. I probably shouldnt have bought the book.
The title shouldnt have been so confusing.
0Comment|Was this review helpful to you? Report abuse

Need customer service? Click here

Sponsored Links

  (What is this?)