CFP last date
20 May 2024
Call for Paper
June Edition
IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper
Know more
The week's pick
Responsive image
Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin
Random Articles
Reseach Article

Does Awareness of Social Engineering Make Employees More Secure?

by Hussain Aldawood, Tawfiq Alashoor, Geoffrey Skinner
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 177 - Number 38
Year of Publication: 2020
Authors: Hussain Aldawood, Tawfiq Alashoor, Geoffrey Skinner
10.5120/ijca2020919891

Hussain Aldawood, Tawfiq Alashoor, Geoffrey Skinner . Does Awareness of Social Engineering Make Employees More Secure?. International Journal of Computer Applications. 177, 38 ( Feb 2020), 45-49. DOI=10.5120/ijca2020919891

@article{ 10.5120/ijca2020919891,
author = { Hussain Aldawood, Tawfiq Alashoor, Geoffrey Skinner },
title = { Does Awareness of Social Engineering Make Employees More Secure? },
journal = { International Journal of Computer Applications },
issue_date = { Feb 2020 },
volume = { 177 },
number = { 38 },
month = { Feb },
year = { 2020 },
issn = { 0975-8887 },
pages = { 45-49 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume177/number38/31158-2020919891/ },
doi = { 10.5120/ijca2020919891 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T00:48:08.391950+05:30
%A Hussain Aldawood
%A Tawfiq Alashoor
%A Geoffrey Skinner
%T Does Awareness of Social Engineering Make Employees More Secure?
%J International Journal of Computer Applications
%@ 0975-8887
%V 177
%N 38
%P 45-49
%D 2020
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Social engineering has become one of the biggest security threats facing organizations. Rather than relying upon information security technical-related shortcomings to break into computer networks, social engineers make use of employees’ individual and organizational traits to deceive them. In such a scenario, it is crucial for organizations to ensure that their employees not only possess sound knowledge about information security but also about the concept of social engineering and threats emerging from social engineering attacks. This study aims to test whether awareness of social engineering can predict and explain individuals’ security-protective practices. We conducted a survey of 265 employees working in different organizations in Saudi Arabia. The results suggest that awareness of social engineering is a positive predictor of security-protective practices above and beyond the predictability power of possessing information security knowledge. Thus, to reduce the probability of potential consequences of social engineering attacks, our study suggests that organizations should not only strive to enhance employees’ security knowledge but should also invest in increasing employees’ awareness of social engineering.

References
  1. Breda, F., Barbosa, H. and Morais, T. Social engineering and cyber security. City, 2017.
  2. Salahdine, F. and Kaabouch, N. Social Engineering Attacks: A Survey. Future Internet, 11, 4 (2019), 89.
  3. Kumar, A., Chaudhary, M. and Kumar, N. Social engineering threats and awareness: a survey. European Journal of Advances in Engineering and Technology, 2, 11 (2015), 15-19.
  4. Aldawood, H. and Skinner, G. Contemporary Cyber Security Social Engineering Solutions, Measures, Policies, Tools and Applications: A Critical Appraisal. International Journal of Security (IJS), 10, 1 (2019), 1.
  5. Chan, H. and Mubarak, S. Significance of information security awareness in the higher education sector. International Journal of Computer Applications, 60, 10 (2012).
  6. Yunos, Z., Ab Hamid, R. S. and Ahmad, M. Development of a cyber security awareness strategy using focus group discussion. IEEE, City, 2016.
  7. Aldawood, H. and Skinner, G. Reviewing Cyber Security Social Engineering Training and Awareness Programs—Pitfalls and Ongoing Issues. Future Internet, 11, 3 (2019), 73.
  8. Ahmad, S. Social Engineering Techniques Contrast Study. International Journal of Engineering, 9, 1 (2017), 105-110.
  9. C, A., Adesegun, O., Y.A, A. and Oludele, A. Social Engineering Attack Awareness : Case Study of a Private University in Nigeria, 2013.
  10. Aldawood, H. and Skinner, G. Educating and Raising Awareness on Cyber Security Social Engineering: A Literature Review. City, 2018.
  11. Daimi, K. Computer and Network Security Essentials, 2017.
  12. Snyder, C. Handling human hacking: creating a comprehensive defensive strategy against modern social engineering (2015).
  13. Albladi, S. M. and Weir, G. R. User characteristics that influence judgment of social engineering attacks in social networks. Human-centric Computing and Information Sciences, 8, 1 (2018), 5.
  14. Airehrour, D., Vasudevan Nair, N. and Madanian, S. Social Engineering Attacks and Countermeasures in the New Zealand Banking System: Advancing a User-Reflective Mitigation Model. Information, 9, 5 (2018), 110.
  15. Team, C. I. T. Unintentional insider threats: Social engineering. Software Engineering Institute (2014).
  16. Algarni, A., Xu, Y. and Chan, T. An empirical study on the susceptibility to social engineering in social networking sites: the case of Facebook. European Journal of Information Systems, 26, 6 (2017), 661-687.
  17. Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L. F. and Downs, J. Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions. ACM, City, 2010.
  18. Iuga, C., Nurse, J. R. and Erola, A. Baiting the hook: factors impacting susceptibility to phishing attacks. Human-centric Computing and Information Sciences, 6, 1 (2016), 8.
  19. Hadlington, L. Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviours. Heliyon, 3, 7 (2017), e00346.
  20. Parrish Jr, J. L., Bailey, J. L. and Courtney, J. F. A personality based model for determining susceptibility to phishing attacks. Little Rock: University of Arkansas (2009), 285-296.
  21. Abass, I. A. M. Social Engineering Threat and Defense: A Literature Survey. Journal of Information Security, 9, 04 (2018), 257.
  22. H. Aldawood and G. Skinner, "Contemporary Cyber Security Social Engineering Solutions, Measures, Policies, Tools and Applications: A Critical Appraisal," International Journal of Security (IJS), vol. 10, no. 1, p. 1, 2019.
Index Terms

Computer Science
Information Sciences

Keywords

Cyber Security Information Security Social Engineering Social Engineering Attacks Social Engineering Awareness Information Security Awareness Security Awareness Programs. Information Security Awareness Programs.

Powered by PhDFocusTM