CERIAS Security Seminar: Understanding the Human Hacker

The Center for Education and Research in Information Assurance and Security
June 16, 2021
1:00 PM - 2:00 PM


Ida Ngambeki
Purdue University

Abstract: Social Engineering is employed in 97% of cybersecurity attacks. This makes social engineering penetration testing an important aspect of cybersecurity. Social engineering penetration testing is a specialized area requiring skills and abilities substantially different from other types of penetration testing. Training for social engineering penetration testing as well as understanding what skills, abilities, and personalities make for good social engineers is not well developed. This mixed methods study uses surveys and interviews conducted with social engineering pen testers to examine their pathways into the field, what personality traits contribute to success, what skills and abilities are necessary and what challenges these professionals commonly face. The results are used to make recommendations for training.

About: Dr. Ida Ngambeki is an Assistant Professor of Computer and Information Technology at Purdue University. She is the Executive Director of the Purdue Cybersecurity Education Training Network and Resources and Director of the Cybersecure Behavior Lab. Dr. Ngambeki graduated from Smith College with a B.S. in Engineering and from Purdue University with a PhD in Engineering Education. Dr. Ngambeki’s key areas of research interest include: cybersecure behavior, social engineering, cybersecurity education, cybersecurity policy, and cybersecurity workforce development. Dr. Ngambeki’s current research projects include: developing of curriculum guidance documents and a hub and spoke infrastructure for Industrial Control Systems Security, developing a self-directed learning platform for secure programming, developing a cybersecurity apprenticeship program, and developing an AI based humor integrated social engineering training tool. Dr. Ngambeki has developed courses in Social Engineering, Cyber Law and Cyber Ethics.

The weekly security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, the computing "underground," and other related topics. More info

Contact Details

Event Website


Add to calendar