There was a time, not long ago, when the term social engineering meant the manipulation of behavior and various outcomes through public policy. It referred to political issues.
The digital revolution has led to a new meaning for the term, and it’s one you should know about: “social engineering” is a threat to data system security based on “the art of influencing people to disclose information and to get them to act inappropriately.”
In other words, it’s a con job to get people to reveal things about their passwords and related digital assets to help thieves gain access to a system or database.
The important point about social engineering is that it is another human risk factor that you need to address in your risk management plan. Your efforts to harden the computer systems in your organization against technical intrusion will be pointless if the people who have access to them are vulnerable to social engineering attacks. … Continue reading