Marius has more than 5 years experience in cyber field, he began his activity as a law enforcement officer in the Directorate for Combating Organized Crime where he developed a wealth experience conducting cybercrime investigations and subsequent activities of digital forensics and malware research that involved the most recent security threat actors.
His hands-on experience including over 500 forensic investigations is demonstrated by the Certified Forensic Computer Examiner certification provided by the International Association of Computer Investigative Specialists, the engagement in other similar trainings like Open Source IT Forensics, Linux Basic Forensics, CompTIA Security+, malware analysis and network security monitoring (SIEM – Q-Radar Associate Analyst).
He joined the Dell SecureWorks team in 2016, where he occupies a Security Systems Advisor position.
Mitigating the cyber kill chain by raising the human awareness level
Recent years showed that the main weakness in the cyber defense field is “human hacking” because attackers understood that is more easier to manipulate people in order to accomplish their goals than trying to bypass advanced security solutions.
In the context of information security social engineering is the manipulation of people to get them to inadvertently perform actions that inflict or increase the probability of inflicting future harm to the confidentiality, integrity, or availability of the organization’s resources or assets, including information, information systems, or financial systems.
The preponderance of the social engineering phenomenon suggests that there is either an inherent weakness in the ability of victims to distinguish malicious communications or that attackers are using more complex methods to bypass the “human firewall.”
The best defense against this type of schemes is to educate users on the techniques used by social engineers, and raising awareness as to how both humans and computer systems can be manipulated to create a false level of trust.
This can be complemented by an organizational attitude towards security that promotes the sharing of concerns, enforces information security rules and supports users for adhering to them.