Centro Ricerche Socio-Psicologiche e Criminologico Forensi | THEMIS

progetti e ricerche themis new header

Social engineering and the value of data: the need of specific awareness programs

By Isabella Corradini and Enrico Nardelli

In the field of cybersecurity human factor is considered one of the most critical elements. Security experts know well the importance of people’s security behaviors such as managing passwords, avoiding phishing attacks and similar. However, organizations still lack a strong cybersecurity culture to manage security risks related in particular to the human factor. In this paper we describe the results of a study involving 212 employees belonging to two companies operating in the service sector. Within a cybersecurity awareness project executed in each company, employees participated in workshop sessions and were asked to evaluate the credibility and the success probability of a list of the most common security risk scenarios based on social engineering techniques. Cyber-attacks based on these techniques are considered among the most successful because use psychological principles to manipulate people’s perception and obtain valuable information. The comparison of results obtained in the two companies shows that awareness training programs pay off in terms of raising people’s attention to cyber-risks.

Proceedings of the AHFE 2019 International Conference on Human Factors in Cybersecurity, July 24-28, 2019 - Washington D.C., USA - Springer

Informazioni aggiuntive

  • Anno/Year: 2019

Progetti e Ricerche

Progetti e RicercheProgetti e Ricerche

Il Centro Themis realizza ricerche e studi negli ambiti della psicologia, della sociologia, del diritto, della criminologia, della salute e sicurezza sul lavoro, della security aziendale, della comunicazione.

Edizioni Themis

Edizioni ThemisEdizioni Themis

Il Centro Themis realizza prodotti editoriali a carattere specialistico negli ambiti della psicologia, della sociologia, del diritto, della criminologia, della salute e sicurezza sul lavoro, della security, della comunicazione.

Seminari e Workshop

Seminari e WorkshopSeminari e Workshop

Il Centro Themis è partner di strutture qualificate per attività di formazione e seminari specialistici. I temi riguardano: psicologia, criminologia, sicurezza (safety, security e cybersecurity), comunicazione del rischio e della sicurezza.

Login