Alkhamis, E. and Renaud, K. (2016) The Design and Evaluation of an Interactive Social Engineering Training Programme. In: International Symposium on Human Aspects of Information Security and Assurance (HAISA 2016), Frankfurt, Germany, 19 - 21 July 2016, pp. 125-134. ISBN 9781841024134
|
Text
120717.pdf - Accepted Version 802kB |
Publisher's URL: http://cscan.org/default.asp?page=openaccess&eid=17&id=282
Abstract
Social engineering is a major issue affecting organisational security. Educating employees on how to avoid social engineering attacks is important because social engineering tries to penetrate an organisation by using employees to grant authorized access to sensitive information. While there are a number of theoretical studies about social engineering, a few practical studies have moved towards educating and training employees on how to spot such attacks. In this research, we emphasise the importance of educating employees to make them more resilient to these kinds of attacks. We developed an educational video encapsulated within a Social Engineering Training Programme. This is essentially an interactive training video during which the learner interacts with three different scenarios; educational content, a knowledge-check, and a web page containing the latest news about current social engineering attacks. The training programme was evaluated in a Saudi trading company with 24 employees. The evaluation showed that the programme delivered a positive impact in terms of awareness, as tested by a post-training quiz
Item Type: | Conference Proceedings |
---|---|
Status: | Published |
Refereed: | Yes |
Glasgow Author(s) Enlighten ID: | Renaud, Professor Karen |
Authors: | Alkhamis, E., and Renaud, K. |
College/School: | College of Science and Engineering > School of Computing Science |
ISBN: | 9781841024134 |
Copyright Holders: | Copyright © 2016 The Authors |
First Published: | First published in Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016): 125-134 |
Publisher Policy: | Reproduced in accordance with the publisher copyright policy |
Related URLs: |
University Staff: Request a correction | Enlighten Editors: Update this record