Ida Ngambeki - Purdue University
Students: Spring 2025, unless noted otherwise, sessions will be virtual on Zoom.
Understanding the Human Hacker
Jun 16, 2021
Download: MP4 Video Size: 695.4MBWatch on YouTube
Abstract
Social Engineering is employed in 97% of cybersecurity attacks. This makes social engineering penetration testing an important aspect of cybersecurity. Social engineering penetration testing is a specialized area requiring skills and abilities substantially different from other types of penetration testing. Training for social engineering penetration testing as well as understanding what skills, abilities, and personalities make for good social engineers is not well developed. This mixed methods study uses surveys and interviews conducted with social engineering pen testers to examine their pathways into the field, what personality traits contribute to success, what skills and abilities are necessary and what challenges these professionals commonly face. The results are used to make recommendations for training.About the Speaker
Dr. Ida Ngambeki is an Assistant Professor of Computer and Information Technology at Purdue University. She is the Executive Director of the Purdue Cybersecurity Education Training Network and Resources and Director of the Cybersecure Behavior Lab. Dr. Ngambeki graduated from Smith College with a B.S. in Engineering and from Purdue University with a PhD in Engineering Education. Dr. Ngambeki's key areas of research interest include: cybersecure behavior, social engineering, cybersecurity education, cybersecurity policy, and cybersecurity workforce development. Dr. Ngambeki's current research projects include: developing of curriculum guidance documents and a hub and spoke infrastructure for Industrial Control Systems Security, developing a self-directed learning platform for secure programming, developing a cybersecurity apprenticeship program, and developing an AI based humor integrated social engineering training tool. Dr. Ngambeki has developed courses in Social Engineering, Cyber Law and Cyber Ethics.