Ricardo Ribeiro, N. Mateus-Coelho, Henrique Mamede
{"title":"提高企业的社会工程复原力","authors":"Ricardo Ribeiro, N. Mateus-Coelho, Henrique Mamede","doi":"10.56394/aris2.v3i1.30","DOIUrl":null,"url":null,"abstract":"Social Engineering (SE) is a significant problem for enterprises. Cybercriminals continue developing new and sophisticated methods to trick individuals into disclosing confidential information or granting unauthorized access to infrastructure systems. These attacks remain a significant threat to enterprise systems despite significant investments in technical architecture and security measures. User awareness training and other behavioral interventions are critical for improving SE resilience. However, their effectiveness still needs to be determined, as personality traits may turn some individuals more susceptible to SE attacks. This paper aims to provide a comprehensive assessment of the state of knowledge in this field, identifying best practices for improving SE resilience in organizations and supporting the development of new research studies to address this issue. Its goal is to help enterprises of any size develop a framework to reduce the risk of successful SE attacks and create a culture of security awareness.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"45 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Improving Social Engineering Resilience In Enterprises\",\"authors\":\"Ricardo Ribeiro, N. Mateus-Coelho, Henrique Mamede\",\"doi\":\"10.56394/aris2.v3i1.30\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Social Engineering (SE) is a significant problem for enterprises. Cybercriminals continue developing new and sophisticated methods to trick individuals into disclosing confidential information or granting unauthorized access to infrastructure systems. These attacks remain a significant threat to enterprise systems despite significant investments in technical architecture and security measures. User awareness training and other behavioral interventions are critical for improving SE resilience. However, their effectiveness still needs to be determined, as personality traits may turn some individuals more susceptible to SE attacks. This paper aims to provide a comprehensive assessment of the state of knowledge in this field, identifying best practices for improving SE resilience in organizations and supporting the development of new research studies to address this issue. Its goal is to help enterprises of any size develop a framework to reduce the risk of successful SE attacks and create a culture of security awareness.\",\"PeriodicalId\":438607,\"journal\":{\"name\":\"ARIS2 - Advanced Research on Information Systems Security\",\"volume\":\"45 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-08-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ARIS2 - Advanced Research on Information Systems Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.56394/aris2.v3i1.30\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ARIS2 - Advanced Research on Information Systems Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.56394/aris2.v3i1.30","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
社会工程(SE)是企业面临的一个重大问题。网络犯罪分子不断开发新的复杂方法,诱使个人泄露机密信息或未经授权访问基础设施系统。尽管在技术架构和安全措施方面进行了大量投资,但这些攻击仍对企业系统构成重大威胁。用户意识培训和其他行为干预对于提高企业系统的复原力至关重要。然而,它们的有效性仍有待确定,因为个性特征可能会使某些人更容易受到 SE 攻击。 本文旨在对这一领域的知识现状进行全面评估,确定提高企业 SE 复原力的最佳做法,并支持针对这一问题开展新的研究。其目标是帮助任何规模的企业制定一个框架,以降低成功遭受 SE 攻击的风险,并创建一种安全意识文化。
Improving Social Engineering Resilience In Enterprises
Social Engineering (SE) is a significant problem for enterprises. Cybercriminals continue developing new and sophisticated methods to trick individuals into disclosing confidential information or granting unauthorized access to infrastructure systems. These attacks remain a significant threat to enterprise systems despite significant investments in technical architecture and security measures. User awareness training and other behavioral interventions are critical for improving SE resilience. However, their effectiveness still needs to be determined, as personality traits may turn some individuals more susceptible to SE attacks. This paper aims to provide a comprehensive assessment of the state of knowledge in this field, identifying best practices for improving SE resilience in organizations and supporting the development of new research studies to address this issue. Its goal is to help enterprises of any size develop a framework to reduce the risk of successful SE attacks and create a culture of security awareness.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
