Social engineering: Is security focused on the wrong problem?

Security Awareness Training and Internal Threats-Information

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • The Daily Dose: Chris Wysopal blogs from RSA Conference 2007

    In his exclusive daily column from RSA Conference 2007, security pro Chris Wysopal comments on vulnerability disclosure, and says emerging Web application technologies present many new attack vectors that have yet to be discovered. 

  • Threats to physical security

    This is tip No. 6 in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage" publishe... 

  • trusted computing

    Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued) 

  • What's your biggest information security concern?

    In this month's issue of Information Security magazine, we reveal the results of this year's priorities survey. Readers ranked insider threats and information leaks as their top concerns. Get tips from auditors on how to avoid audit failure and get P... 

  • social engineering

    Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures. 

  • Security Bytes: Hackers target the Terminator

    In other news, Symantec upgrades its Norton product line and the Anti-Phishing Working Group says phishing activity soared this summer. 

  • Risk management: Data organization and impact analysis

    This first article of the Insider Threat Management Guide explains how to data organization is the first step in implementing insider threat controls. 

  • Risk management: Baseline management and control

    Identifying baseline controls is the second step to implementing insider threat controls as described in this article from SearchSecurity's Insider Threat Management Guide. 

  • Risk management audit

    This article explores the audit function in the insider threat management process. 

  • Risk management: Implementation of baseline controls

    This fourth article in the Insider Threat Management Guide examines the implementation of baseline controls.