Cyber Security Articles & News

Trust nothing, question everything: Social engineering and the insider threat

Social engineering (in the context of information security): The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

The greatest concern for the 580 information security professionals that responded to the 2017 Black Hat USA survey was the threat around phishing and social engineering (50%, up from 46% in 2016).

Coupled with the fact that the same respondents felt the weakest link in defences was end users being easily fooled by social engineering attacks (38%, up from 28%) this should come as little surprise to security professionals. But these figures may help them to gain that C-suite-level buy-in when trying to develop an efficient and, more importantly, relevant security education and awareness package for their organisation’s personnel.

Social Engineering became a familiar information security term to me when I was reading The Art of Deception by Kevin Mitnick. However, Social Engineering had been exploiting weaknesses in human nature for many years prior.

Read the whole cool article here.

Source: IFSEC GLOBAL

Topics: Social Engineering, spear phishing attack, The Art of Deception, cybersecurity expert, keynote speaker, security awareness training, security education, malware, Trojan, phishing, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

How to Prepare for Penetration Testing

Whether you’re conducting your organization’s very first penetration test or are simply getting your assets in order, it’s smart to understand everyth..

Read more ›

What You Get When You Invest in Mitnick Red Team Pentesting

Now that you’ve got a few concentrated penetration tests under your belt, you’re ready to put your newly enhanced security to the test. And boy, are w..

Read more ›

What is a Red Team Pentesting?

If your company has invested in many penetration tests, you’re probably looking for more advanced ways of examining your security infrastructure. 

Read more ›
tech-texture-bg