Forensic Socio-Psychological and Criminological Research Center | THEMIS

progetti e ricerche themis new header

Social engineering and the value of data: the need of specific awareness programs

By Isabella Corradini and Enrico Nardelli

In the field of cybersecurity human factor is considered one of the most critical elements. Security experts know well the importance of people’s security behaviors such as managing passwords, avoiding phishing attacks and similar. However, organizations still lack a strong cybersecurity culture to manage security risks related in particular to the human factor. In this paper we describe the results of a study involving 212 employees belonging to two companies operating in the service sector. Within a cybersecurity awareness project executed in each company, employees participated in workshop sessions and were asked to evaluate the credibility and the success probability of a list of the most common security risk scenarios based on social engineering techniques. Cyber-attacks based on these techniques are considered among the most successful because use psychological principles to manipulate people’s perception and obtain valuable information. The comparison of results obtained in the two companies shows that awareness training programs pay off in terms of raising people’s attention to cyber-risks.

Proceedings of the AHFE 2019 International Conference on Human Factors in Cybersecurity, July 24-28, 2019 - Washington D.C., USA - Springer

Additional Info

  • Anno/Year: 2019

Projects and Research

Projects and ResearchProjects and Research

Themis Center carries out research and studies in the fields of psychology, sociology, del law, criminology, health and safety at work, business security, communication.

Themis editions - italian only

Themis editions - italian onlyThemis editions - italian only

Themis Center produces specialized publishing products in the fields of psychology, sociology, law, criminology, health and safety at work, security, communications.

Seminars and Workshops

Seminars and WorkshopsSeminars and Workshops

Themis Center is a partner of qualified structures for training activities and specialized seminars. Topics include: psychology, criminology, security (safety, security and cybersecurity), risk and security communication.

logo themis footer

Themis - Forensic Socio-Psychological and Criminological Research Center