Reference Hub

This research has been cited in:

Conference
Multi-layered graph-based model for social engineering vulnerability assessmentProceedings of the 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining 201510.1145/2808797.2808899
Article
Two-Factor Authentication Scheme for Mobile Money: A Review of Threat Models and CountermeasuresFuture Internet10.3390/fi12100160
Article
An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack VectorsJournal of Cybersecurity and Privacy10.3390/jcp1030021
Conference
Cyber security: Current threats, challenges, and prevention methods2022 International Conference on Advances in Computing, Communication and Materials (ICACCM)10.1109/ICACCM56405.2022.10009154
Article
Εnhancing social networking in smart cities: Privacy and security borderlinesTechnological Forecasting and Social Change10.1016/j.techfore.2018.10.026
Article
Examining Factors Impacting the Effectiveness of Anti-Phishing TrainingsJournal of Computer Information Systems10.1080/08874417.2021.1955638
Chapter
Preparation of a Social Engineering Attack, from Scratch to Compromise: A USB Dropper and Impersonation ApproachInformation and Communication Technologies10.1007/978-3-031-18272-3_19
Chapter
Social Engineering Threat Assessment Using a Multi-Layered Graph-Based ModelTrends in Social Network Analysis10.1007/978-3-319-53420-6_5
Conference
Determining Phishing Emails using URL Domain Features2022 1st International Conference on AI in Cybersecurity (ICAIC)10.1109/ICAIC53980.2022.9897038
Conference
Is Cyber Security Enough- A study on Big Data Security Breaches in Financial Institutions2019 4th International Conference on Information Systems and Computer Networks (ISCON)10.1109/ISCON47742.2019.9036294
Article
China’s Demographic History and Future ChallengesScience10.1126/science.1209396
Conference
The Chameleon Attack: Manipulating Content Display in Online Social MediaProceedings of The Web Conference 202010.1145/3366423.3380165
Conference
How to get away with cyberattacksCHI Conference on Human Factors in Computing Systems10.1145/3491102.3517444
Article
Detection of «Telegram Rat» virusHerald of Dagestan State Technical University. Technical Sciences10.21822/2073-6185-2024-51-1-79-86
Article
Altering Security Perceptions Through the Use of Geo-AuthenticationJournal of Information Privacy and Security10.1080/15536548.2014.977608
Article
Online social network security awareness: mass interpersonal persuasion using a Facebook appInformation Technology & People10.1108/ITP-06-2018-0278
Article
Developing and Improving Student Non-Technical Skills in IT Education: A Literature Review and ModelInformatics10.3390/informatics3020007
Conference
Security and Privacy Education for STEM Undergraduates: A Shoulder Surfing Course Project2019 IEEE Frontiers in Education Conference (FIE)10.1109/FIE43999.2019.9028560
Article
A multi-level influence model of COVID-19 themed cybercrimeEuropean Journal of Information Systems10.1080/0960085X.2020.1771222
Article
Quality matters: Evoking subjective norms and coping appraisals by system design to increase security intentionsDecision Support Systems10.1016/j.dss.2019.02.010
Article
The optics of fraud: affiliations that enhance offender credibilityJournal of Financial Crime10.1108/13590791211243147
Conference
A preliminary radicalisation framework based on social engineering techniques2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)10.1109/CyberSA.2017.8073406
Article
Reviewing Cyber Security Social Engineering Training and Awareness Programs—Pitfalls and Ongoing IssuesFuture Internet10.3390/fi11030073
Conference
Identification and prevention of social engineering attacks on an enterprise2019 International Carnahan Conference on Security Technology (ICCST)10.1109/CCST.2019.8888441
Chapter
The Psychology of CybersecurityDiscovering Cybersecurity10.1007/978-1-4842-9560-1_1
Article
The industrial security management model for SMBs in smart workJournal of Intelligent Manufacturing10.1007/s10845-012-0651-8
Article
On the anatomy of social engineering attacks—A literature‐based dissection of successful attacksJournal of Investigative Psychology and Offender Profiling10.1002/jip.1482
Conference
Towards an Improved Understanding of Human Factors in Cybersecurity2019 IEEE 5th International Conference on Collaboration and Internet Computing (CIC)10.1109/CIC48465.2019.00047
Article
A qualitative study of penetration testers and what they can tell us about information security in organisationsInformation Technology & People10.1108/ITP-11-2021-0864
Conference
Mitigating Phishing AttacksProceedings of the 2019 ACM Southeast Conference10.1145/3299815.3314437
Article
The optics of fraud: affiliations that enhance offender credibilityJournal of Financial Crime10.1108/13590791211266359
Article
Social engineering in the context of ensuring information securitySHS Web of Conferences10.1051/shsconf/20196900073
Article
Slow down and frown to improve phishing detectionComputer Fraud & Security10.12968/S1361-3723(22)70593-3
Article
Implementing Data Exfiltration Defense in Situ: A Survey of Countermeasures and Human InvolvementACM Computing Surveys10.1145/3582077
Article
Analysis and optimization of industrial engineering and management operating environment based on human factors engineeringApplied Mathematics and Nonlinear Sciences10.2478/amns-2024-0530
Article
Finding the weakest links in the weakest link: How well do undergraduate students make cybersecurity judgment?Computers in Human Behavior10.1016/j.chb.2018.02.019
Conference
Challenges of Implementing Training and Awareness Programs Targeting Cyber Security Social Engineering2019 Cybersecurity and Cyberforensics Conference (CCC)10.1109/CCC.2019.00004
Chapter
Cybersecurity in HealthcareClinical Informatics Study Guide10.1007/978-3-030-93765-2_17
Article
Flying under the radar: social engineeringInternational Journal of Accounting & Information Management10.1108/18347641211272731
Article
Engineering Cheerful Robots: An Ethical ConsiderationInformation10.3390/info9070152
Article
Systematic Review on Social Engineering: Hacking by Manipulating HumansSSRN Electronic Journal 10.2139/ssrn.3720955
Conference
Educating educators on social engineering Experiences developing and implementing a social engineering workshop for all education levels2022 IEEE Integrated STEM Education Conference (ISEC)10.1109/ISEC54952.2022.10025154
Chapter
Impact of Social Engineering Attacks: A Literature ReviewDevelopments and Advances in Defense and Security10.1007/978-981-16-4884-7_3
Article
Spear phishing in organisations explainedInformation & Computer Security10.1108/ICS-03-2017-0009
Article
Using phishing experiments and scenario-based surveys to understand security behaviours in practiceInformation Management & Computer Security10.1108/IMCS-11-2013-0083
Chapter
Cybersecurity Risks, Vulnerabilities, and Countermeasures to Prevent Social Engineering AttacksEthical Hacking Techniques and Countermeasures for Cybercrime Prevention10.4018/978-1-7998-6504-9.ch002
Chapter
Effects of Team Collaboration on Sharing Information Security AdviceResearch Anthology on Artificial Intelligence Applications in Security10.4018/978-1-7998-7705-9.ch084

Social Engineering: The Neglected Human Factor for Information Security Management

Xin Luo, Richard Brody, Alessandro Seazzu, Stephen Burd

Source Title: Information Resources Management Journal (IRMJ)24(3)

ISSN: 1040-1628|EISSN: 1533-7979|EISBN13: 9781613505250|DOI: 10.4018/irmj.2011070101

Cite Article Cite Article

MLA

Luo, Xin, et al. "Social Engineering: The Neglected Human Factor for Information Security Management." IRMJ vol.24, no.3 2011: pp.1-8. http://doi.org/10.4018/irmj.2011070101

APA

Luo, X., Brody, R., Seazzu, A., & Burd, S. (2011). Social Engineering: The Neglected Human Factor for Information Security Management. Information Resources Management Journal (IRMJ), 24(3), 1-8. http://doi.org/10.4018/irmj.2011070101

Chicago

Luo, Xin, et al. "Social Engineering: The Neglected Human Factor for Information Security Management," Information Resources Management Journal (IRMJ) 24, no.3: 1-8. http://doi.org/10.4018/irmj.2011070101

Export Reference

Favorite Full-Issue Download

View Full Text HTML

View Full Text PDF

Abstract

Effective information systems security management combines technological measures and managerial efforts. Although various technical means have been employed to cope with security threats, human factors have been comparatively neglected. This article examines human factors that can lead to social engineering intrusions. Social engineering is a technique used by malicious attackers to gain access to desired information by exploiting the flaws in human logic known as cognitive biases. Social engineering is a potential threat to information security and should be considered equally important to its technological counterparts. This article unveils various social engineering attacks and their leading human factors, and discusses several ways to defend against social engineering: education, training, procedure, and policy. The authors further introduce possible countermeasures for social engineering attacks. Future analysis is also presented.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

Social Engineering: The Neglected Human Factor for Information Security Management

MLA

APA

Chicago

Export Reference

Abstract

Request Access