Social engineering in information assurance curricula

Douglas P. Twitchell

doi:10.1145/1231047.1231062

Social engineering in information assurance curricula

Douglas P. Twitchell

Information Technology and Supply Chain Management Department

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

15 Scopus citations

Abstract

With the increasing use of security technology, technical attacks should become more difficult leading attackers to employ social engineering as a means to obtaining unauthorized access to information. Therefore, social engineering is a potentially dangerous threat to information security. Fortunately, a number of countermeasures have been proposed to defend against it. These countermeasures include implementing policy, providing end-user and key personnel education, and performing security audits. However, most current prominent information assurance curricula do not directly address social engineering and only indirectly address the countermeasures. Amending these curricula to include social engineering as a topic may help students be better prepared for encountering social engineering threats.

Original language	English
Title of host publication	Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06
Pages	191-193
Number of pages	3
DOIs	https://doi.org/10.1145/1231047.1231062
State	Published - 2007
Event	2006 Information Security Curriculum Development Conference, InfoSecCD '06 - Kennesaw, GA, United States Duration: 22 Sep 2006 → 23 Sep 2006

Publication series

Name	Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06

Conference

Conference	2006 Information Security Curriculum Development Conference, InfoSecCD '06
Country/Territory	United States
City	Kennesaw, GA
Period	22/09/06 → 23/09/06

Keywords

Information security curriculum
Social engineering

Access to Document

10.1145/1231047.1231062

Cite this

@inproceedings{1cedbff9aa984703b55652696a150ab6,

title = "Social engineering in information assurance curricula",

abstract = "With the increasing use of security technology, technical attacks should become more difficult leading attackers to employ social engineering as a means to obtaining unauthorized access to information. Therefore, social engineering is a potentially dangerous threat to information security. Fortunately, a number of countermeasures have been proposed to defend against it. These countermeasures include implementing policy, providing end-user and key personnel education, and performing security audits. However, most current prominent information assurance curricula do not directly address social engineering and only indirectly address the countermeasures. Amending these curricula to include social engineering as a topic may help students be better prepared for encountering social engineering threats.",

keywords = "Information security curriculum, Social engineering",

author = "Twitchell, {Douglas P.}",

year = "2007",

doi = "10.1145/1231047.1231062",

language = "English",

isbn = "1595934375",

series = "Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06",

pages = "191--193",

booktitle = "Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06",

note = "2006 Information Security Curriculum Development Conference, InfoSecCD '06 ; Conference date: 22-09-2006 Through 23-09-2006",

}

Twitchell, DP 2007, Social engineering in information assurance curricula. in Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06., 1231062, Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06, pp. 191-193, 2006 Information Security Curriculum Development Conference, InfoSecCD '06, Kennesaw, GA, United States, 22/09/06. https://doi.org/10.1145/1231047.1231062

Social engineering in information assurance curricula. / Twitchell, Douglas P.
Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06. 2007. p. 191-193 1231062 (Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Social engineering in information assurance curricula

AU - Twitchell, Douglas P.

PY - 2007

Y1 - 2007

N2 - With the increasing use of security technology, technical attacks should become more difficult leading attackers to employ social engineering as a means to obtaining unauthorized access to information. Therefore, social engineering is a potentially dangerous threat to information security. Fortunately, a number of countermeasures have been proposed to defend against it. These countermeasures include implementing policy, providing end-user and key personnel education, and performing security audits. However, most current prominent information assurance curricula do not directly address social engineering and only indirectly address the countermeasures. Amending these curricula to include social engineering as a topic may help students be better prepared for encountering social engineering threats.

AB - With the increasing use of security technology, technical attacks should become more difficult leading attackers to employ social engineering as a means to obtaining unauthorized access to information. Therefore, social engineering is a potentially dangerous threat to information security. Fortunately, a number of countermeasures have been proposed to defend against it. These countermeasures include implementing policy, providing end-user and key personnel education, and performing security audits. However, most current prominent information assurance curricula do not directly address social engineering and only indirectly address the countermeasures. Amending these curricula to include social engineering as a topic may help students be better prepared for encountering social engineering threats.

KW - Information security curriculum

KW - Social engineering

UR - http://www.scopus.com/inward/record.url?scp=34748892418&partnerID=8YFLogxK

U2 - 10.1145/1231047.1231062

DO - 10.1145/1231047.1231062

M3 - Conference contribution

AN - SCOPUS:34748892418

SN - 1595934375

SN - 9781595934376

T3 - Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06

SP - 191

EP - 193

BT - Proceedings of the 2006 Information Security Curriculum Development Conference, InfoSecCD '06

T2 - 2006 Information Security Curriculum Development Conference, InfoSecCD '06

Y2 - 22 September 2006 through 23 September 2006

ER -

Social engineering in information assurance curricula

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this