Sr. Information Security Consultant
Session Title: Defending The Enterprise Against Social Engineering Attacks
Technology will continue to advance, but the greatest vulnerability will always exist in the human behind the keyboard. Many resources exist on the exploitation of these vulnerabilities, but few discuss prevention at an enterprise level. At this year’s Summit, I’ll be introducing the Social Engineering Defensive Framework. This scalable process provides a road map for management to see their organization from a social engineer’s point of view, have a clear understanding of how susceptible they are to attack, and how to prevent attacks in the future.
Valerie Thomas is a Principal Information Security Consultant for Securicon LLC that specializes in social engineering and physical penetration testing. After obtaining her bachelor’s degree in Electronic Engineering, Valerie led information security assessments for the Defense Information Systems Agency (DISA) before joining private industry. Her unique Defense and civilian background provides her with a solid understanding of intrusion detection, data loss prevention, and endpoint (in)security. Her electronic and RFID training became a crucial element of her physical security specialization. While some choose to focus on cyber of physical security, she has chosen to exploit the weaknesses of the combination of the two. As an ethical hacker and consultant she holds multiple industry certifications.
Valerie is the coauthor of “Building an Information Security Awareness Program: Defending Against Social Engineering and Technical Threats” with Bill Gardner. Throughout her career, Valerie has conducted penetration tests, vulnerability assessments, compliance audits, and technical security training for executives, developers, and other security professionals. She has provided briefings and workshops for DEFCON, Derbycon, Blackhat, and multiple BSides events.