Employee Hijacking - Building a Hacktober Awareness Program

Discover how to create an engaging annual Hacktober program for security awareness in this conference talk from BSidesSF 2016. Learn innovative techniques to teach employees important security lessons through a month-long hacking campaign that combines education with fun. Explore various strategies including USB flash drives, rogue access points, tailgating, and puzzle cracking to improve your organization's human attack surface. Gain insights on planning, targeting, and designing campaigns, as well as managing employee reactions and measuring success. Find out how to transform dry security training into an exciting, prize-winning experience that employees will actually enjoy.

Introduction
Rules
What we did
Planning your campaigns
Target your campaigns
Database
Unique Identifier
Lesson Page
Fun Page
Statistics
USB flash drives
USB drives with documents
Data collection server
File names
Rogue access point
Design
Audio Indicator
Clunk
Capture the Flag
Code Knocking
Puzzle Cracking
Dual benefit tailgating
Posters
Secret Portal
People loved it
People got pissed off
Looking forward
Wrapping up
Questions