Topic: The Human Factor: Why Social Engineering is the Hardest Vulnerability to Patch
Social engineering exploits the one element in cybersecurity that will remain a perpetual vulnerability: human behavior. Unlike software, which can be updated and patched, human nature—curiosity, trust, fear—remains constant, making it an attractive target for attackers. Recent reports highlight that nation-state threat actors from countries like Iran, Russia, and North Korea continue to rely on social engineering techniques, such as spear phishing and fake job offers, to infiltrate organizations. These attacks demonstrate that while technology evolves, the human factor remains the weakest link in security defenses. This presentation will explore how social engineering preys on psychology, why it’s an enduring threat, and practical steps organizations can take to build resilience against this timeless vulnerability.
Bio:
Peter Fellini is AVP of Cybersecurity with Compass Cyber Guard. Peter has over 20 years of experience in a variety IT Security fields such as Ethical Hacking, Social Engineering, and Auditing. He has a Masters of Science in Education as well as industry certifications including Certified Information Systems Security Professional (CISSP), Social Engineering Pentest Professional (SEPP), Offensive Security Wireless Professional (OSWP), PCI Professional (PCIP), etc. Peter has competed multiple times at DefCon's Social Engineering Village in the SECTF challenge. He is also attending school part-time at Johnson & Wales University to become a professional craft beer brewer.