As a security professional, dedicated to remaining current on the latest industry threats and best practices, I request your support for my attendance at the Hack in Paris 2017 -CYBER SECURITY CONFERENCE June 19th to 23rd 2017, Paris, France https://hackinparis.com/. Intrusion attempts are more and more frequent and sophisticated, regardless of their target (state or corporation). In this context, international hacking events are multiplying. A few events took place in France but until now, no one had covered hacking practices with a technical approach including both professional training and information security aspects. Hack in Paris is filling this gap. After the success of the latest edition with more than 500 attendees, this 5 days' corporate event will be held for the seventh time in France, at the Hotel Newport Bay - Disneyland Paris. Hack in Paris attendees will discover the realities of hacking, and its consequences for companies. The program includes state of the art IT security, social engineering, industrial espionage, penetration testing, physical security, forensics, malware analysis techniques and countermeasures. Hack in Paris will be held from June 19th to 23rd 2017 exclusively in English: • Trainings: June 19th to 21st, three days of trainings by 12 security officers (CISOs, CIOs) and technical experts. • Talks: June 22nd & 23rd, two days of talks given by international speakers and technical experts. This event offers attendees four full days of educational opportunities covering a number of critical information security issues and emerging concepts, such as malware, cloud security, governance, regulation and compliance, mobile security, healthcare security, application security, digital forensics and the latest insights about social engineering.

1. Subject: Request to attend Hack in Paris 2017 -CYBER SECURITY CONFERENCE June 19th to 23rd
2017, Paris, France https://hackinparis.com/
Dear [decisionmakername],
As a security professional, dedicated to remaining current on the latest industry threats and best practices,
I request your support for my attendance at the Hack in Paris 2017 -CYBER SECURITY CONFERENCE
June 19th to 23rd 2017, Paris, France https://hackinparis.com/.
Intrusion attempts are more and more frequent and sophisticated, regardless of their target (state or
corporation). In this context, international hacking events are multiplying. A few events took place in France
but until now, no one had covered hacking practices with a technical approach including both professional
training and information security aspects.
Hack in Paris is filling this gap. After the success of the latest edition with more than 500 attendees, this 5
days' corporate event will be held for the seventh time in France, at the Hotel Newport Bay - Disneyland
Paris. Hack in Paris attendees will discover the realities of hacking, and its consequences for companies.
The program includes state of the art IT security, social engineering, industrial espionage, penetration
testing, physical security, forensics, malware analysis techniques and countermeasures.
Hack in Paris will be held from June 19th to 23rd 2017 exclusively in English:
 Trainings: June 19th to 21st, three days of trainings by 12 security officers (CISOs, CIOs) and
technical experts.
 Talks: June 22nd & 23rd, two days of talks given by international speakers and technical experts.
This event offers attendees four full days of educational opportunities covering a number of critical
information security issues and emerging concepts, such as malware, cloud security, governance,
regulation and compliance, mobile security, healthcare security, application security, digital forensics and
the latest insights about social engineering.
If I receive your approval to attend, I’ll receive:
 Expand my knowledge – Hack in Paris gathers well-respected security professionals to speak candidly
about the problems from a business perspective as well as solutions to those problems. I’ll have the
chance to see leading keynote speakers and get up to speed on the latest trends from industry leaders.
Hack in Paris is unique in its ability to define tomorrow’s information security landscape in an exceptional
setting. Large enough to be relevant but at the same time small enough to be personal.
 Acquiring new skills – This year's Training courses offer the essential knowledge and skills needed to
defend our enterprise against today's most persistent security threats. Hack in Paris brings together the
best minds from around the world to provide a comprehensive and unique training schedule covering a
broad spectrum of information security topics. I am particularly excited about the social engineering
training - the theory of debugging people (Learn to plan, execute and defend Social Engineering attacks)
led by Dominique C. Brack.
 Opportunities for high-level networking, including exclusive member events. Through the expo
and special events, I’ll have a chance to raise our company’s profile and further develop our relationships
and contacts. This is an opportunity to expand our company’s network and gain perspective from both
the public and private sectors. Furthermore, this event offers an opportunity to meet security
professionals throughout multiple disciplines from around the world.

2. The approximate costs for my attendance:
Flight € XXX
Transportation (round trip from airport to hotel) € XXX
Hotel (5 nights at € XXX per night) € XXX
Meals (5 days at € XX per diem) € XXX
Delegate Pass (2 days) € 288 Early bird pricing
Exclusive Social Engineering Training € 1'200
Total cost to attend: € X'XXX
I believe the insights learned by attending Hack in Paris 2017 -CYBER SECURITY CONFERENCE and the
2-day training Social Engineering - the theory of debugging people (Learn to plan, execute and
defend Social Engineering attacks) led by Dominique C. Brack can help avert costly information security
scenarios.
The cost of a delegate place seems a small price to pay for actionable intelligence to help our business
combat information security risk and the reputational damage that results from even a minor compromise.
When I return from the Conference, I will compile a short presentation covering speaker's presentation
notes, useful vendor product information, new contacts made and a proposal for implementing new ideas
that will benefit our team. I will also make any Conference materials available to my colleagues.
Thank you for your consideration. To benefit from the current discount, I need to register before Apr 16,
2017, so I appreciate a quick response. Don’t hesitate to contact me if you need more information, or would
like to discuss this opportunity further. I look forward to your reply.
Sincerely,
[Name]

3. This is the first-time Social Engineering Engagement Framework (SEEF) author offers an in-
person public workshop. Normally the workshops and briefings are closed-group private
enterprise or Government only workshops. Profit from first-hand knowledge and experience of a
social engineering and information security professional with 20 years of experience. What you
will learn: Tools and techniques to plan, execute and manage social engineering engagements.
What can and will be used against you, your employees and your organization. This training will
provide the skills to detect, defend and assess social engineering attacks and the associates risk
with it. You will learn the motivations and methods used by social engineers enabling you to better
protect yourself and your organization.
MORE DETAILS
Prerequisites
None specific. Willing to learn and apply new things. A technical background is not necessary.
Decision-maker, penetration tester, or hacking enthusiast, this training will be an excellent
addition to your professional curriculum.
Target Audience
Professionals, Organisations and Governments. Individuals who have a professional interest in
social engineering. Functions or roles requiring social engineering knowledge either for active use
or for building protection against social engineering attacks. CISO's, Managers, Consultants,
Developers, Hackers, Intelligence Org., Red Teams, Pentesters, Psychologists, Defence,
Strategists, Tacticians, CxO's etc.
Material to bring by attendees
Laptop and note paper.
Course Syllabus
You can have the best technical security controls in the world, from the most expensive firewall
to the most sophisticated biometric access control, but they will not protect you from social
engineering attacks. This 2-day course will provide you with the skills to detect, defend and assess
social engineering attacks. You will learn the motivations and methods used by social engineers
enabling you to better protect yourself and your organization.
This is not a technical course no technical prerequisites are required. Some tools might be used
in the course for achieving a purpose but there will no programming skills necessary. You will
learn how some of the most elegant social engineering attacks take place. Learn to perform these
scenarios and what is done during each step of the attack. Social Engineering is an area filled
with ethical challenges, risks and legal landmines and I will do my best to share my experiences
in this course. So, participants can reap the benefits of my experiences without falling in to the
pitfalls I have over the years.
1. Social Engineering Economy - Introduction to Social Engineering
1. Assessing the social engineering threats
2. The evolution of social engineering
3. Thinking like a social engineer

4. 4. Why social engineering works? The principles on which social engineering is
based
5. The legal and ethical aspects of social engineering
2. The Social Engineering Engagement Framework (SEEF) – Advanced Techniques and
Methods
1. Social engineering engagement management – how to execute SE
engagements/ tests
2. Governance, Risk and Compliance including “++”
3. Approach Selection Method (ASM) – selecting the most effective and efficient
approach
4. Attack Vector Development (AVD) – developing the most effective attack vectors
5. The psychology of social engineering – interposal distance, zones of approach,
rapport building etc.
3. Social Engineering Prevention and Defence
1. Identify countermeasures against social engineering attacks
2. Phishing attacks - is it worth to run phishing exercises?
3. Defend against social engineering deceptions that threaten organizational
security
4. Plan and evaluate security assessments
5. Promote vigilance and implement procedures to defeat deceptions
4. Exercises and practical application – Tools used by Social Engineers
1. Identifying interview techniques that elicit private information
2. Leveraging authority as a manipulation tool
3. Conducting information collection: i.e. dumpster dive to gather intelligence
4. Gathering Information and Intelligence Identifying information sources
5. OSINT tools
Speakers
Dominique C. Brack
Dominique C. Brack is a recognized expert in information security, including identity theft, social media
exposure, data breach, cyber security, human manipulation and online reputation management. He is a
highly qualified, top-performing professional with outstanding experience and achievements within key IT
security, risk and project management roles confirming expertise in delivering innovative, customer-
responsive projects and services in highly sensitive environments on an international scale. Mr. Brack is
accessible, real, professional, and provides topical, timely and cutting edge information. Dominique’s direct
and to-the-point tone of voice can be counted on to capture attention, and – most importantly - inspire and
empower action.
Last year's conference appearance's:
 AREA41 (DEFCON Switzerland), Zürich June 2016 https://area41.io/
 Hack In Paris, Paris July 2016 https://hackinparis.com/
 ISC2 EMEA Security Congress, Dublin October 2016 http://emeacongress.isc2.org/
 DeepSec 2016 Austria, Vienna November 2016 https://www.deepsec.net/