Improving Social Engineering Resilience In Enterprises

Authors

  • Ricardo Ribeiro Universidade Aberta, Instituto Superior Técnico
  • Nuno Mateus-Coelho LAPI2S & COPELABS - Lusófona University https://orcid.org/0000-0001-5517-9181
  • Henrique Mamede Universidade Aberta

DOI:

https://doi.org/10.56394/aris2.v3i1.30

Keywords:

social engineering, human behavior, personal traits, security architecture, phishing, threat actors, cybersecurity, cyberattacks, systematic literature review, security awareness

Abstract

Social Engineering (SE) is a significant problem for enterprises. Cybercriminals continue developing new and sophisticated methods to trick individuals into disclosing confidential information or granting unauthorized access to infrastructure systems. These attacks remain a significant threat to enterprise systems despite significant investments in technical architecture and security measures. User awareness training and other behavioral interventions are critical for improving SE resilience. However, their effectiveness still needs to be determined, as personality traits may turn some individuals more susceptible to SE attacks.

This paper aims to provide a comprehensive assessment of the state of knowledge in this field, identifying best practices for improving SE resilience in organizations and supporting the development of new research studies to address this issue. Its goal is to help enterprises of any size develop a framework to reduce the risk of successful SE attacks and create a culture of security awareness.

References

Microsoft, “Phishing trends and techniques.” Accessed: Aug. 10, 2023. [Online]

M. Carlton and Y. Levy, “Cybersecurity skills: Foundational theory and the cornerstone of advanced persistent threats (APTs) mitigation.,” Online Journal of Applied Knowledge Management, vol. 5, no. 2, pp. 16–28, 2017, Accessed: Aug. 10, 2023. DOI: https://doi.org/10.36965/OJAKM.2017.5(2)16-28

K. Chetioui, B. Bah, A. O. Alami, and A. Bahnasse, “Overview of Social Engineering Attacks on Social Networks.,” Procedia Comput Sci, vol. 198, no. 1, pp. 656–661, 2022, Accessed: Aug. 10, 2023. DOI: https://doi.org/10.1016/j.procs.2021.12.302

Downloads

Published

2023-08-30

How to Cite

[1]
R. Ribeiro, N. Mateus-Coelho, and H. Mamede, “Improving Social Engineering Resilience In Enterprises”, ARIS2-Journal, vol. 3, no. 1, pp. 34–65, Aug. 2023.

Issue

Vol. 3 No. 1 (2023): ARIS2 - Advanced Research on Information Systems Security

Section

Articles

License

Copyright (c) 2023 Ricardo Ribeiro, Nuno Mateus-Coelho, Henrique Mamede

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Crossref
Scopus
Google Scholar
Europe PMC

Most read articles by the same author(s)