IDEAS home Printed from https://ideas.repec.org/a/igg/rmj000/v24y2011i3p1-8.html
   My bibliography  Save this article

Social Engineering: The Neglected Human Factor for Information Security Management

Author

Listed:
  • Xin Luo

    (The University of New Mexico, USA)

  • Richard Brody

    (The University of New Mexico, USA)

  • Alessandro Seazzu

    (The University of New Mexico, USA)

  • Stephen Burd

    (The University of New Mexico, USA)

Abstract

Effective information systems security management combines technological measures and managerial efforts. Although various technical means have been employed to cope with security threats, human factors have been comparatively neglected. This article examines human factors that can lead to social engineering intrusions. Social engineering is a technique used by malicious attackers to gain access to desired information by exploiting the flaws in human logic known as cognitive biases. Social engineering is a potential threat to information security and should be considered equally important to its technological counterparts. This article unveils various social engineering attacks and their leading human factors, and discusses several ways to defend against social engineering: education, training, procedure, and policy. The authors further introduce possible countermeasures for social engineering attacks. Future analysis is also presented.

Suggested Citation

  • Xin Luo & Richard Brody & Alessandro Seazzu & Stephen Burd, 2011. "Social Engineering: The Neglected Human Factor for Information Security Management," Information Resources Management Journal (IRMJ), IGI Global, vol. 24(3), pages 1-8, July.
  • Handle: RePEc:igg:rmj000:v:24:y:2011:i:3:p:1-8
    as

    Download full text from publisher

    File URL: http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/irmj.2011070101
    Download Restriction: no
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Guma Ali & Mussa Ally Dida & Anael Elikana Sam, 2020. "Two-Factor Authentication Scheme for Mobile Money: A Review of Threat Models and Countermeasures," Future Internet, MDPI, vol. 12(10), pages 1-27, September.
    2. Hussain Aldawood & Geoffrey Skinner, 2019. "Reviewing Cyber Security Social Engineering Training and Awareness Programs—Pitfalls and Ongoing Issues," Future Internet, MDPI, vol. 11(3), pages 1-16, March.
    3. Moustaka, Vaia & Theodosiou, Zenonas & Vakali, Athena & Kounoudes, Anastasis & Anthopoulos, Leonidas G., 2019. "Εnhancing social networking in smart cities: Privacy and security borderlines," Technological Forecasting and Social Change, Elsevier, vol. 142(C), pages 285-300.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:igg:rmj000:v:24:y:2011:i:3:p:1-8. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Journal Editor (email available below). General contact details of provider: https://www.igi-global.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.