Pareto's Revenge: Social Engineering and User Awareness  

When:  June 18, 2009 (12:00 noon)
Where: Terminal City Club (837 West Hastings St.)
Cost: $35 non-members, $25 ISSA members, and $20 students
RSVP: (space is limited)


Speaker: Mike Murray


The past five years has seen a trend towards reinstalling the user as the primary target for exploits. The information security industry remains mired in a focus on protecting technological assets and spending large amounts of money on installing controls that do little to protect us against (or even assess) the weakness in our user-base. In this talk, Foreground Security CISO Mike Murray will walk through the radical change in the threat environment and focus on how we can tailor our enterprise security programs to fight against the large proportion of vulnerabilities that are currently unmitigated.

Speaker Bio:

Mike Murray has spent more than a decade helping companies large and small to protect their information by understanding their vulnerability posture from the perspective of an attacker. From his work in the late 90's as a penetration tester and vulnerability researcher to leadership positions at nCircle, Neohapsis and Liberty Mutual Insurance Group, his focus has always been on using vulnerability assessment through penetration testing and social engineering to proactively defend organizations. Mike is currently the CISO of Foreground Security, where he leads engagements to help corporate and government customers understand and protect their security organization . He is also in charge of the advanced curriculum of The Hacker Academy, where he trains security professionals on the newest methods of computer penetration testing and social engineering to help them better protect their organizations. Mike has a variety of other diverse interests: he leads Michael Murray and Associates, where he and his team work with organizations to assist them with their human systems, from their organizational design and efficiency to the career paths and development of their individuals. Mike's thoughts on security can be found on his blog at, and his work on helping build careers can be found at and

On-site registration and networking begins at noon, and lunch will be served at approximately 12:15. The presentation will run from 1:00pm to 2:00pm, to be followed by an open discussion forum. Members and non-members of the ISSA are welcome but space is limited. Cost for the event is $35.00 for non-members, $25.00 for ISSA members and $20.00 for students payable in advance at our web site using PaypalŪ, or at the door in cash or by cheque payable to “ISSA Vancouver”. RSVP to to guarantee your seat. Please note that we require 72 hours notice of any cancellations, or you will be invoiced for the event since we are required to finalize the food orders.

Please note that the TCC has a business-casual dress code, and contact us in advance if you have special dietary requirements or would like wheel chair accessible parking so that we can make the necessary arrangements on your behalf.

James Crooks: (604) 806-7027.