'Humans are the weakest link in Cybersecurity'

 

Almost all cyber-attacks rely on social engineering at at least one of the attack stages; yet, today this aspect gets the least attention. Social engineering uses manipulation, influence and deception to get a person, typically a trusted insider within an organization, to comply with a request. The request is often to release information or to perform a particular action that will, unknown to the person, be beneficial to an attacker. Kevin Mitnick, the world-renowned hacker / converted Security Consultant, has written a book on how he aggressively used social engineering to breach the most difficult stages of his hacks - who needs to break a lock when someone will willingly open the door for him?


Social engineering attacks are getting more sophisticated as social media provides ample reconnaissance information to reinforce the attack. To us, it is a straightforward conclusion that the proportion of time, effort and investment on making the staff more vigilant needs to increase.