Modern cybersecurity is seeing a spike in attention. Recent vulnerabilities and exploits have prompted industry professionals to spend a greater amount on cybersecurity measures, from powerful and comprehensive authentication systems to the most thorough and comprehensive firewall and anti-virus systems. These professionals seek to stop hackers and other malicious parties from gaining access to their systems by shoring up all possible gaps in their technology, but often overlook the weakest point in their system: the human element.
People are often one of the first things a malicious party will attempt to manipulate during an intrusion, since people seek to please one another, help those that help them, and quickly appease those who approach them in order to maintain their personal space. Where hackers have found themselves stymied upon being faced with an overly aggressive firewall or unbreakable authentication system, an exploitation of the human element has been key in obtaining the desired information or resource. Social engineering must be protected against alongside other forms of exploitation, in order to best protect information.
In this paper, the writers explore and discuss the field of cybersecurity known as social engineering. After a review of the field as it currently stands, the writers will outline a graduate-level curriculum for social engineering education, which can be used to teach aspiring offensive cybersecurity analysts the best methods to test the security of an organization’s human element, as well as teach aspiring security professionals about best practices and policies that they can use to protect the resources they are responsible for.
Are you a researcher? Would you like to cite this paper?
Visit the ASEE document repository at
for more tools and easy citations.