Trust nothing, question everything: Social engineering and the insider threat

Social engineering (in the context of information security): The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

The greatest concern for the 580 information security professionals that responded to the 2017 Black Hat USA survey was the threat around phishing and social engineering (50%, up from 46% in 2016).

Coupled with the fact that the same respondents felt the weakest link in defences was end users being easily fooled by social engineering attacks (38%, up from 28%) this should come as little surprise to security professionals. But these figures may help them to gain that C-suite-level buy-in when trying to develop an efficient and, more importantly, relevant security education and awareness package for their organisation’s personnel.

Social Engineering became a familiar information security term to me when I was reading The Art of Deception by Kevin Mitnick. However, Social Engineering had been exploiting weaknesses in human nature for many years prior.

Read the whole cool article here.

Source: IFSEC GLOBAL

Topics: Social Engineering, Speaking Engagements, The Art of Deception, cybersecurity expert, security awareness training, security education, malware, Trojan, phishing, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

5 Interview Questions to Ask Penetration Testing Companies

If you've never experienced a data breach, consider yourself lucky. If you have, you know it's an absolute nightmare. With cyber criminals looking for..

Read more ›

4 Ways Security Awareness Training Can Benefit Your Organization

Threat actors rely on human error, counting on employees to fall for their tricks.

Read more ›

3 Common Penetration Test Findings You May Find Surprising

How secure is your critical data from cyber threats? If you’re not sure, a penetration test can provide the answer.

Read more ›
tech-texture-bg