A Critical Appraisal of Contemporary Cyber Security Social Engineering Solutions: Measures, Policies, Tools and Applications

2018 26th International Conference on Systems Engineering (ICSEng) Pub Date : 2018-12-01 DOI:10.1109/ICSENG.2018.8638166

Hussain Aldawood, G. Skinner

{"title":"A Critical Appraisal of Contemporary Cyber Security Social Engineering Solutions: Measures, Policies, Tools and Applications","authors":"Hussain Aldawood, G. Skinner","doi":"10.1109/ICSENG.2018.8638166","DOIUrl":null,"url":null,"abstract":"Social engineering is one of the biggest threats organizations face today, as more and more companies are adopting digitalization. This study presents a critical review of the existing measures, tools, and policies for the protection of computer entities, particularly organizations, against cyber security social engineering. These factors were examined through a systematic review of recent studies published on the subject. Our analysis highlights the meaning of social engineering and the problem it poses, and outlines some of the previous efforts that necessitate an inquiry on the subject. There is an urgent need to provide training for employees of such digitalized companies to ensure they understand the risks and ways to avoid them. As socially engineered attacks depend on the human factor, employees’ awareness is the best practice that can be implemented to contain its threats. Other measures include training of non-technical members, awareness programs, new security network, software usage, and security protocols to tackle social engineering threats.","PeriodicalId":356324,"journal":{"name":"2018 26th International Conference on Systems Engineering (ICSEng)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 26th International Conference on Systems Engineering (ICSEng)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSENG.2018.8638166","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 13

Abstract

Social engineering is one of the biggest threats organizations face today, as more and more companies are adopting digitalization. This study presents a critical review of the existing measures, tools, and policies for the protection of computer entities, particularly organizations, against cyber security social engineering. These factors were examined through a systematic review of recent studies published on the subject. Our analysis highlights the meaning of social engineering and the problem it poses, and outlines some of the previous efforts that necessitate an inquiry on the subject. There is an urgent need to provide training for employees of such digitalized companies to ensure they understand the risks and ways to avoid them. As socially engineered attacks depend on the human factor, employees’ awareness is the best practice that can be implemented to contain its threats. Other measures include training of non-technical members, awareness programs, new security network, software usage, and security protocols to tackle social engineering threats.

查看原文本刊更多论文

当代网络安全社会工程解决方案的批判性评估:措施，政策，工具和应用

随着越来越多的公司采用数字化，社会工程是当今组织面临的最大威胁之一。本研究对保护计算机实体(特别是组织)免受网络安全社会工程侵害的现有措施、工具和政策进行了批判性回顾。这些因素是通过对最近发表的有关该主题的研究进行系统回顾来检查的。我们的分析强调了社会工程的意义和它所带来的问题，并概述了一些需要对这一主题进行调查的先前的努力。迫切需要为这些数字化公司的员工提供培训，以确保他们了解风险以及避免风险的方法。由于社会工程攻击依赖于人为因素，员工的意识是可以实施的最佳实践，以遏制其威胁。其他措施包括非技术人员的培训、意识计划、新的安全网络、软件使用和安全协议，以解决社会工程威胁。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 26th International Conference on Systems Engineering (ICSEng)

自引率

0.00%

发文量