Okay, this is a session out of my usual scope. The title of the session caught me and as it seems it was totally worth it.
Here are my session takeaways.
Why would someone steal data from you?
Andy listed a lot of reasons and motivations why people steal data from companies. Potential threats are always the guys quitting a job (or the ones who quitted mentally already). Often espionage is not easy to detect, there are very advanced technical gimmicks (pen cam, tie cam, microphones).
I like this one:
Interesting question for the audience:
Who is a network administrator?
Couple of hands went up.
Who is responsible for security ?
Almost the same amount of hands are up – oooops, not good.
Andy showed a bunch of tools how to gather information. It started with a simple websearch and then he expanded it to “one click” tools downloading and analyzing available documents. Running Windows 2000 – harvesting all email accounts in a company. Wow, amazing how easy it is. All tools are listed in his slides.
Entertaining and it still makes you thinking! Great, great session, totally enjoyed it. Its one of the session you should watch the recording once its available here.