"Kevin Mitnick, world renowned hacker and security expert, entranced an audience of over 1500, including 1000 US Naval Academy Midshipmen, at the United States Naval Institute’s Conference on cyber security. His presentation explained the dangers of social engineering and how individuals can reduce the risks having their personal information and online accounts stolen. During his demonstration, he showed how readily information can be gathered by hackers using perfectly legal means from any organization’s forward facing servers. He additionally showed a Midshipman how easily he could, through readily accessible and legal means, obtain personal information stored on the Internet.
Mitnick was exciting and provided real-world information that not only informed but entertained the audience. He left the Academy a buzz as word of his presentation spread and had the Midshipmen asking for additional sessions with him!"
CAPT Steven "Doc" Simon, USN
Director, Cyber Security Center
United States Naval Academy
December 10, 2012
"We have been fortunate enough to work with Kevin over the past 3 years. I am consistently amazed at the quality of work from him and his team. We have used a number of third parties for various security tests over the years. Kevin's thoroughness and breadth of knowledge is unsurpassed. Kevins results are not just a finding on a report. He shows you how it could be exploited. Working for a software company it can sometimes be tough to convince development staff that a finding is really an issue. It is extremely powerful when Kevin and his team not only puts it in the report but sets up an example and shows the staff what could happen. This past year we had Kevin perform his testing and then follow up with a presentation to the entire organization. Kevin is not just a brilliant security tester. He is a very engaging and effective speaker. Kevin was able to mix stories from his past with stories from our organization and come up with the most effective security presentation I have ever seen. At many organizations security is just something that we have to do. In our company our employees understand the threat because they have seen it. This is a testament to the work that Kevin has done over the past few years for us."
Joel – Chief Security Officer – Financial Services company
"It is not what you know that is scary, it's what you don't know and Kevin Mitnick has a presentation that will demonstrate just how ignorant you are. If you need to put the fear of god into your C-Level co-workers or motivate your directors to approve your security budget, I would suggest that you have them attend his highly interactive and entertaining demonstration.
Kevin starts his show by demonstrating some fairly straight forward hacks. With multiple monitors set up, Kevin demonstrates a user opening a PDF file—with no tipoff to the user, Kevin takes control of the targeted PC. He repeats the demo with an IM message and then a flash drive. Think you have USB devices locked down? I did until Kevin showed a modified Flash Drive that looks like a "Human Interface Device". It emulates a keyboard and is programmed to surreptitiously "type" input on command.
Thank goodness you think, "well, at least my building is physically locked down and secure". Not for Kevin. Another demo showed how quickly many proximity cards can be copied and cloned just by walking by someone who has access to the door that you desire to enter.
Kevin spends quite a bit of time discussing "social engineering" and the fact that successful attacks almost always take advantage of people. Whether it is following human nature by holding a controlled door open for someone with a heavy package, or the stupidity of your receptionist who gives a password to a stranger posing as IT support, the technical side of attacks is only the tools. The simple fact is that the most vulnerable link in security is people. We object to security because security is almost always a tradeoff versus convenience. Further, far too rarely do we question the people and events happening around us. We let our guard down thinking it can't happen because it hasn't happened. Perhaps the only reason it hasn't happened is because you, up until now, have been lucky. See Kevin and bring the leadership of your company. At the very least it is an eye opener. At best, maybe a future hacker will decide you are just too well informed to attack."
-Steven L. Susman, Director-Information Technology, Manager-Engineered Systems, Supreme Security Systems, Inc.
"The Webinar [on social engineering] with Kevin was fantastic and we have received lots of positive feedback about the event. Kevin is a great speaker with tons of wit and a flair for making points thoughtfully."
-Shane Westcott, Manager, Technology Support, Calgary Board of Education
"[We] were amazed by the 'magic demos' given by Mr. Mitnick and they not only learned and opened their minds to the IT security issues that every company must manage on a daily basis but enjoyed the show tremendously."
- Guillermo Santos
"Kevin has a unique ability to connect with both technical and non-technical groups, which makes him a perfect fit for almost any event, especially those audiences that run the full gamut of technical ability. Die-hard techies will enjoy "geeking out" with Kevin, and everyone else will still be fascinated – and perhaps a little frightened – by what they learn. Our attendees could not have been more pleased with Kevin and his 'Art of Deception' keynote."
"One of the ways of social engineering could be the deficiency of awareness about the security or how much insecurity there is in relation to the management of the information and that is one of our main challenges as Cluster TIC of Security.
Well, besides entrepreneurs, representatives of public organisms, young talents, universities, associations and a long list of others, we can conclude that the presentation of Mr. Mitnick was, very enlightening in this matter and he has allowed us to give a great jump in our task of awareness: to permit the assistants beginning to speak about the security of their information."
- Lucio Gonzalez, Director of the Cluster TIC of Security – Madrid, Spain
"I want to thank you for your presentation at the National Symposium on Cyber Crime sponsored by the U.S. Pretrial Services agency, Central District of California, and the Federal Probation and Pretrial Officers Association (FPPOA). This symposium, which was held in Long Beach, California from February 11 through February 14, 2008, was the first federal conference to address this subject for Pretrial and Probation officers.
An informal sampling of remarks obtained from the attendees felt that your talk was insightful and extremely informative. Many felt you were able to make a significant connection with the audience that contributed to the presentation of the subject matter. One person even called you 'a legend' in the field."
- United States Federal Probation Office (Click Here for PDF)
"Endeavour Events was very happy to have Kevin as one of the featured key-note speakers at our "InfoProtect Summit". Being a legendary figure in the world of IT Security, he helped us attract many interesting delegates and solution partners to the event. His presentation was very dynamic, insightful and simply exciting. With 'InfoProtect' being our first event, it was extremely important for us to over-deliver on all fronts – Kevin certainly helped us achieve that and was an instrumental part in the event's huge success. We do look forward to working with him in the future!"
- Endeavour Events
"Mitnick left his audience shaken, but better equipped to stave off attacks via social engineering."
- Computer Sciences Corporation (Click Here for PDF)
"The way you and each panel member interacted demonstrated an obvious synergy that made everyone comfortable and kept the discussion interesting and 'alive'."
- ASIS International 2008Click Here to download the Original PDF
"The conference that Kevin Mitnick gave for El Tiempo, the largest newspaper in Colombia, about Enterprise IT Security was a total success. Not only the concepts related to the IT security that are important that all the enterprises have in mind but also the demos that Mr. Mitnick gave to the assistants made the conference the best given by El Tiempo this year.
The assistants were amazed by the 'magic demos' given by Mr. Mitnick and they not only learned and opened their minds to the IT security issues that every company must manage on a daily basis but enjoyed the show tremendously.
Mr. Mitnick demonstrated in this conference, that as a matter of fact is the second one he has given for El Tiempo in Bogotá,, Colombia, that he is an excellent speaker. He teaches about IT security in clear manner so that they can be easily understood and his demo shows are the highlights of the conference."
- Guillermo Santos
"It's both frightening and informative to hear how effective social engineering can be in assessing what should be security sensitive information."
- The AIM InstituteClick Here to download the Original PDF
"[The] presentation was educational and enlightening and the attendees' response was very positive."
- InfragardClick Here to download the Original PDF
"The panel was very informative, creating a standing room only event! The audience was fascinated with the information shared, due in large part to Kevin's high-impact insights and demos."
- The 41st ParameterClick Here to download the Original PDF
"Mr. Mitnick's presentation was not only informative and entertaining; it also brought home some very relevant information security issues. The audience was captivated by his live demonstration of what information is available at the click of a mouse."
-Social Security Administration's (SSA)Click Here to download the Original PDF
"The presentation was very thorough and was given in a professional and interesting manner, the comprehensive course guides you provided are of high educational quality and were delivered before the course, which helped the class day run smoothly [and] numerous real-time exercises were exciting to watch and participate in for all involved."
- FAA, Aviation SafetyClick Here to download the Original PDF
Click Here to view a testimonial from the ISSA