DATE: Monday, October 27 |
TIME: 11:30 am-12:00 pm |
LOCATION: Paramount Ballroom |
DURATION: |
Despite significant investments in cutting-edge security technologies, the human element remains the weakest link in cybersecurity. Attackers continuously exploit human behavior to bypass even the most advanced technical defenses. This presentation will provide experiences of hands-on real-world social engineering campaigns, mirroring the tactics used by sophisticated threat actors.
This session will explore:
- OSINT - Determining Targets and Entry Points
- NIST Phish Scale - Evaluating the Content of a Phishing Email
- Email Phishing - How Attackers Get SPAM Into the Corporate Inbox
- Phone Social Engineering - Experiences in Impersonation and Taking Over Accounts
- Physical Security - Outcomes from Just Hanging Around the Office
Attendees will gain valuable insights into the psychology and strategies behind social engineering attacks, along with practical safeguards to strengthen their organization’s security posture against these evolving threats.
Speakers

Ahmed Shah
Security Analyst, Malleum
Ahmed Shah is a security analyst at Malleum Information Security in Ottawa, Canada. He is experienced at performing cloud security assessments, leading red team engagements, vulnerability assessments, and penetration tests for private sector clients and government agencies.