CYBERSECURITY INERTIA AND SOCIAL ENGINEERING: WHO'S WORSE, EMPLOYEES OR HACKERS?

2019 Issues in Information Systems  
Subject matter experts assert that cybersecurity inertia critically contributes to successful cyberattacks that steal business confidential data and personal private information, capable of influencing major elections, crippling businesses, and causing devastating identify theft. The role cyber warfare plays in our daily lives cannot be underestimated. According to a 2018 Gallup Poll, 71% of Americans are more worried about cybercrime than violent crimes, including terrorism, murder, and sexual
more » ... murder, and sexual assault. Human error or negligent behavior is being increasingly blamed for cyberattacks, costing an organization an average of more than $15 million per year. Our research focuses on social engineering, an attack vector that relies on human interaction by manipulating people into breaking normal security protocols and best practices, permitting actors access to computer systems, networks or physical locations for fraudulent purposes. We discuss these constructs by exploring the most prevalent types of cyberattacks, the actors, and their prey, the human targets, perceived to be the weakest links within the organizational system. We close by offering recommendations to disrupt cybersecurity inertia and mitigation strategies to curb the influence of social engineering upon unsuspecting organizations.
doi:10.48009/3_iis_2019_139-150 fatcat:iaaid4qygbgzllaa2iznywswnu