Skip to content
From our Community Blog:

Why the people running a website can be more vulnerable than the code it’s built on - WPCampus 2019

Subscribe to Community Blog updates

Maybe your web presence is locked down like a fortress. You've personally vetted every line of code in the source of your core applications and third party addons. Your malware scanner is laser-precise and your firewall has a direct line to INTERPOL where you can livestream the prompt arrest of anyone who attacks your site.

Despite these efforts, you're still hackable. In fact, you've established the human element of your organization -- yourself, your colleagues, and your users -- as the most vulnerable point in your infrastructure. A firewall won't prevent someone from convincing your accountant to wire them money and two-factor authentication to your website can't stop someone from physically accessing a workstation in your office dressed as IT staff.

Join me in exploring a timeless category of attacks seldom discussed in the WordPress community. We'll talk about identifying common forms of social engineering, why there's such thing as "phishing drills", and why the most secure password is the one you don't even know.

You can learn more about this session on the WPCampus 2019 website at

Mikey Veenstra

What is WPCampus?
WPCampus 2019 was the fourth annual in-person conference for the WPCampus community, a gathering of web professionals, educators and people dedicated to the confluence of WordPress in higher education. The event took place July 25-27, 2019 on the campus of Lewis & Clark College. Learn more about the event at

Login to WordPress