New Orleans, Louisiana
June 26, 2016
June 26, 2016
August 28, 2016
Computing & Information Technology
Modern cybersecurity is seeing a spike in attention. Recent vulnerabilities and exploits have prompted industry professionals to spend a greater amount on cybersecurity measures, from powerful and comprehensive authentication systems to the most thorough and comprehensive firewall and anti-virus systems. These professionals seek to stop hackers and other malicious parties from gaining access to their systems by shoring up all possible gaps in their technology, but often overlook the weakest point in their system: the human element.
People are often one of the first things a malicious party will attempt to manipulate during an intrusion, since people seek to please one another, help those that help them, and quickly appease those who approach them in order to maintain their personal space. Where hackers have found themselves stymied upon being faced with an overly aggressive firewall or unbreakable authentication system, an exploitation of the human element has been key in obtaining the desired information or resource. Social engineering must be protected against alongside other forms of exploitation, in order to best protect information.
In this paper, the writers explore and discuss the field of cybersecurity known as social engineering. After a review of the field as it currently stands, the writers will outline a graduate-level curriculum for social engineering education, which can be used to teach aspiring offensive cybersecurity analysts the best methods to test the security of an organization’s human element, as well as teach aspiring security professionals about best practices and policies that they can use to protect the resources they are responsible for.
Moses, S., & Baker, N. S., & Rowe, D. C. (2016, June), Helping the Human Element: Educating in Social Engineering Paper presented at 2016 ASEE Annual Conference & Exposition, New Orleans, Louisiana. 10.18260/p.25456
ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2016 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015