EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Reviewing Cyber Security Social Engineering Training and Awareness Programs—Pitfalls and Ongoing Issues

Hussain Aldawood and Geoffrey Skinner
Additional contact information
Hussain Aldawood: School of Electrical Engineering and Computing, University of Newcastle, Newcastle 2308, Australia
Geoffrey Skinner: School of Electrical Engineering and Computing, University of Newcastle, Newcastle 2308, Australia

Future Internet, 2019, vol. 11, issue 3, 1-16

Abstract: The idea and perception of good cyber security protection remains at the forefront of many organizations’ information and communication technology strategy and investment. However, delving deeper into the details of its implementation reveals that organizations’ human capital cyber security knowledge bases are very low. In particular, the lack of social engineering awareness is a concern in the context of human cyber security risks. This study highlights pitfalls and ongoing issues that organizations encounter in the process of developing the human knowledge to protect from social engineering attacks. A detailed literature review is provided to support these arguments with analysis of contemporary approaches. The findings show that despite state-of-the-art cyber security preparations and trained personnel, hackers are still successful in their malicious acts of stealing sensitive information that is crucial to organizations. The factors influencing users’ proficiency in threat detection and mitigation have been identified as business environmental, social, political, constitutional, organizational, economical, and personal. Challenges with respect to both traditional and modern tools have been analyzed to suggest the need for profiling at-risk employees (including new hires) and developing training programs at each level of the hierarchy to ensure that the hackers do not succeed.

Keywords: cyber security social engineering; training and awareness programs challenges; information security awareness programs (search for similar items in EconPapers)
JEL-codes: O3 (search for similar items in EconPapers)
Date: 2019
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (3)

Downloads: (external link)
https://www.mdpi.com/1999-5903/11/3/73/pdf (application/pdf)
https://www.mdpi.com/1999-5903/11/3/73/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:11:y:2019:i:3:p:73-:d:214791

Access Statistics for this article

Future Internet is currently edited by Ms. Grace You

More articles in Future Internet from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:gam:jftint:v:11:y:2019:i:3:p:73-:d:214791