Hacking the Human Hardcover – November 1, 2008
Top Customer Reviews
Hacking the Human is a book about Social Engineering Techniques and Security Countermeasures. It should be a must read for all physical security management and information security professionals. I always thought it would be really hard to map the ISO27002 controls with Social Engineering, and yet the entire book is written around the ISO27001 standards; this alone is worth the price (little high) of the book.
The book is divided into 3 sections:
- The Risks
- Understanding Human Vulnerabilities
I wish I could tell you which section or what chapter is important so you don't have to read the whole thing, but I couldn't; they are all equally important. Except for some deviations away from information security topics, the entire book is like a symphony by Mozart; Mozart's question sums it all up: "Which few did you have in mind, Majesty?" when told by Emperor Joseph II, "Your work is ingenious. It's quality work. And there are simply too many notes, that's all. Just cut a few and it will be perfect."
You may say "....but I have read The Art of Deception by Kevin D. Mitnick (and William L. Simon)", which was a great book and also a must read to further learn human behavior; however, in comparison to Hacking the Human, they are totally different. Kevin does not dwell on standards and simply concentrates on the brain's vulnerabilities. Ian, on the other hand, wrote the book as a manual for an existing Information Security Management System; he is even almost apologetic for headlining risks identified "which may not be fully ISO 27001 compliant risk assessment", as seen in chapter 12 - Testing.
I seriously recommend this book as a great Information Security learning tool. It can also come in handy for poker players.
Best Fishes and thank you for reading.
This book has great value, as it frequently refers to standards such as ISO 27001, providing high industry relevance. The book provides a clear view to the topic with sublime clarity, explaining underlying psychological weaknesses exploited by the attackers. Hacking the Human covers all related topics on the issue, from explaining why social engineering has not received the attention it deserves to why your company is at risk, and more importantly, what you can do about it.
As we learned from Mitnick, people are the weakest link in the chain of information security. With Mann's Hacking the Human, you can make it the strongest one, the first line of defense. I gladly recommend this book to everyone interested in the topic.