Hacking the Human: Countering the Socially Engineered Attack
ABSTRACT
The security model developed here suggests that a focus on systemic changes to an organisation’s processes can produce improved security. This model of security is novel in that it is designed to ease reliance on the human within the system, therefore reducing the likelihood and impact of social engineering attacks. It highlights the layer of human protection and the systemic protection that can be placed around information. This layered approach to security is original in that it is applied in a social engineering context. The model is then used to map the attacks and their respective countermeasures.
AUTHORS
School of Informatics, University of Bradford
UK
Andrea Cullen has many years industrial experience as a computer programmer and systems analyst working on projects throughout the UK. Her academic career spans two disciplines: computer science; and management. She is currently a lecturer in computing, teaching operations management, business systems security and e-business. Main areas of research include: e-commerce; e-government; and issues associated with IS security within organisations.
ECSC LTD, Bradford
UK
Ian Mann, MBA, BEng is a Senior Systems Consultant with ECSC Ltd. He is a certified security specialist (CISSP) and a CESG Listed Advisor (CLAS) with GCHQ, holding security clearance. In addition, Ian is a Payment Card Industry Qualified Security Assessor (PCIQSA). He has been commissioned by Gower Publishing to write "Hacking the Human Social Engineering Techniques and Countermeasures" Management and a former Director of the Australian Institure of Computer Ethics.
Published In
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive