Engineering Commons^™

Pause For A Cybersecurity Cause: Assessing The Influence Of A Waiting Period On User Habituation In Mitigation Of Phishing Attacks, Amy Antonucci

CCE Theses and Dissertations

Social engineering costs organizations billions of dollars a year. Social engineering exploits the weakest link of information security systems, the people who are using them. Phishing is a form of social engineering in which the perpetrator depends on the victim’s instinctual thinking towards an email designed to create a fear or excitement response. It is well-documented in literature that users continue to click on phishing emails costing them and their employers significant monetary resources and data loss. Training does not appear to mitigate the effects of phishing much; other solutions are necessary to mitigate phishing.

Kahneman introduced the concepts of …

An Empirical Assessment Of Users' Information Security Protection Behavior Towards Social Engineering Breaches, Nisha Jatin Patel

CCE Theses and Dissertations

User behavior is one of the most significant information security risks. Information Security is all about being aware of who and what to trust and behaving accordingly. Due to technology becoming an integral part of nearly everything in people's daily lives, the organization's need for protection from security threats has continuously increased. Social engineering is the act of tricking a user into revealing information or taking action. One of the riskiest aspects of social engineering is that it depends mainly upon user errors and is not necessarily a technology shortcoming. User behavior should be one of the first apprehensions when …