• Course code:63818A
  • Contents

INFOSEC of socio-technical systems

SOCIOTECHNICAL systems  Definitions  Context effects  Research overview (brief) • Human Computer Interaction  Brief Refresh of already acquired knowledge.  Noteworthy research findings. Areas of overlap with INFOSEC. • Human Attack vectors (HAV) Very brief definitions, threat modelling, intelligence types, etc.  Why focus on HAV?  Contextualisation of HAV in INFOSEC.  Some methods of exploitation of HAV - Overview. • Social Engineering  Definitions, components.  List of typical strategies in various contexts. • Soft aspects of social engineering  Manipulation  Psychology of Persuasion  Behaviour modification  Decreasing resistance  Forcing mistakes in cognition  Using cognitive load and ego depletion. • Synthesis of acquired knowledge in INFOSEC of Sociotechnical systems.  Threat modelling phases.  Intelligence gathering with an emphasis on open source intelligence gathering (OSINT).  Meshing of gathered information and theoretical framework.  Creating attack vectors. • Practical aspects of social engineering  Guided examples and exercises.  Social engineering in penetration testing.  Social engineering in everyday life.  Acing hacking competitions.

  • Study programmes