In this talk, Jenny Radcliffe discusses how negative psychology is at the heart of malicious social engineering. She discusses how the principles of deployed in ancient occult practices are still used today to manipulate the emotions of potential targets. The talk looks at the different "tribes" within organisations, and how cognitive bias and psychological factors can contribute to attacks on organizations and individuals, and what might be done to overcome them.

The talk covers the use of fear as a weapon in people-based attacks and explains how an understanding of the mechanics of this often misunderstood principle emotion, is as essential in modern times as it always has been, in defending against malicious social engineering in all its forms.

An educational and informative examination of modern surveillance and espionage techniques. Using real examples and extensive knowledge to study the ways equipment, communications & techniques are used to attack modern business.

The aim of the presentation is to inform and educate security professionals of the very "real" threat their organisations face from modern surveillance technology and techniques. Different threat vectors will be examined and described, with real world examples.

Looking at commercially available devices and techniques that; exploit, mobile and fixed communications, spoken work, building systems, procedures and infrastructure to collect unauthorised information.

The correct countermeasures for each included threat will be examined and explained. The presentation will convey valuable specialist information allowing attendees to become more informed on the subject and address the problem with clearer knowledge of this fascinating subject.

Rob shares how a red team exercise for a large organisation simulates a real-world criminal attack under controlled conditions. Rob will introduce his talk with the words "The story you are about to hear is true; only the names have been changed to protect the vulnerable". Ethical hackers from First Base Technologies conduct red team tests to help organisations understand where they are vulnerable to advanced attacks. This presentation describes each step of a real-world exercise: planning and recon, spear phishing, telephone social engineering, building access, network exploitation and data exfiltration. As the story develops, you will discover how an attacker thinks, why they choose a particular strategy and what you can do to minimise your organisation's vulnerability to advanced threats.

• Understand how to determine who your assailants are, what they can exploit and the consequences of their attacks
• Appreciate the risks to your business, based on real-world threats and vulnerabilities
• Identify the phases of a criminal attack and map the threats onto your security plans
• Be ready to engage a red-team exercise to test your organisation's attack surface and weaknesses