Improving Social Engineering Resilience In Enterprises

Abstract

Social Engineering (SE) is a significant problem for enterprises. Cybercriminals continue developing new and sophisticated methods to trick individuals into disclosing confidential information or granting unauthorized access to infrastructure systems. These attacks remain a significant threat to enterprise systems despite significant investments in technical architecture and security measures. User awareness training and other behavioral interventions are critical for improving SE resilience. However, their effectiveness still needs to be determined, as personality traits may turn some individuals more susceptible to SE attacks. This paper aims to provide a comprehensive assessment of the state of knowledge in this field, identifying best practices for improving SE resilience in organizations and supporting the development of new research studies to address this issue. Its goal is to help enterprises of any size develop a framework to reduce the risk of successful SE attacks and create a culture of security awareness.