Social Engineering Knowledge Measured as a Security Countermeasure
Başlık:
Social Engineering Knowledge Measured as a Security Countermeasure
Yazar:
Sanders, Christopher Artejus, author.
ISBN:
9780438111370
Yazar Ek Girişi:
Fiziksel Tanımlama:
1 electronic resource (37 pages)
Genel Not:
Source: Masters Abstracts International, Volume: 57-06M(E).
Includes supplementary digital materials.
Advisors: Matt E. Thatcher Committee members: Csilla Farkas; Amir Karami.
Özet:
Social Engineering has become a significant threat to the security of business, government, and academic institutions. As vulnerabilities to social engineering attacks increase, organizations must incorporate risk mitigation strategies to their portfolios of Information Systems Security Countermeasures (ISSC). The goal is to implement mitigation strategies that balance the cost of implementation, the privacy of employees, and the resulting expected costs of social engineering attacks. In this paper we develop an analytical model that calculates the total cost of protection, including the trade-off between the cost of implementing protection strategies and the resulting expected cost of social engineering attacks. We use the model to examine the sensitivity of total costs to various model parameters, including costs of training, knowledge retention and depreciation rate, and number of employees.
This model builds on prior work from the Ponemon Institute examining the economic costs of social engineering attacks and the methods implemented to reduce the risk and mitigate the costs of such attacks. In particular, we leverage the empirical analysis presented in Ponemon Institute(2015) to develop a model that examines the economic impacts of various mitigation strategies and the resulting economic trade-offs. This works illustrates that knowledge and awareness among users is an effective method for controlling social engineering threats. The scenarios highlighted in this work illustrated how costs play a role in protection using knowledge as a countermeasure and found the most cost effective solutions using the same model used by Ponemon(2015). This analysis may help companies develop efficient ways to protect themselves from social engineering attacks while efficiently managing resources in the social engineering realm.
Notlar:
School code: 0202
Tüzel Kişi Ek Girişi:
Mevcut:*
Yer Numarası | Demirbaş Numarası | Shelf Location | Lokasyon / Statüsü / İade Tarihi |
---|---|---|---|
XX(688053.1) | 688053-1001 | Proquest E-Tez Koleksiyonu | Arıyor... |
On Order
Liste seç
Bunu varsayılan liste yap.
Öğeler başarıyla eklendi
Öğeler eklenirken hata oldu. Lütfen tekrar deneyiniz.
:
Select An Item
Data usage warning: You will receive one text message for each title you selected.
Standard text messaging rates apply.