Security in IS and social engineering -- an overview and state of the art
Florence S\`edes (UT3, IRIT, CNRS)
TL;DR
This paper provides an overview of security challenges in information systems, emphasizing social engineering and cybercrime, and discusses current practices and future directions for prevention and detection.
Contribution
It synthesizes existing literature and professional practices on IS security and social engineering, highlighting the importance of proactive detection and prevention strategies.
Findings
Social engineering is a major vector for cybercrime.
Detection of weak signals is crucial for early intervention.
Current policies are often insufficient, requiring upstream proactive measures.
Abstract
Major transformations related to information technologies affect InformationSystems (IS) that support the business processes of organizations and their actors. Deployment in a complex environment involving sensitive, massive and heterogeneous data generates risks with legal, social and financial impacts. This context of transition and openness makes the security of these IS central to the concerns of organizations. The digitization of all processes and the opening to IoT devices (Internet of Things) has fostered the emergence of a new formof crime, i.e. cybercrime.This generic term covers a number of malicious acts, the majority of which are now perpetrated using social engineering strategies, a phenomenon enabling a combined exploitation of ``human'' vulnerabilities and digital tools. The maliciousness of such attacks lies in the fact that they turn users into facilitators of…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInformation and Cyber Security