Home » Combat Social Engineering: Don’t Be the Weakest Link
Technology|Operations

Combat Social Engineering: Don’t Be the Weakest Link

Smart criminals go after the 'lowest hanging fruit.'

David Blazier
September 16, 2010
No Comments
KEYWORDS engineering / security / social

Characteristics of a weak security chain

Industry experts and government regulators agree that institutions most at risk of succumbing to social engineering tactics tend to lack:

  • Adequate policies and procedures pertaining to physical security;
  • A security awareness program that allows for training of employees at all levels; or
  • An established system of vendor and visitor tracking.

These three elements are dependent on each other to properly defend against the threat of social engineering schemes.

A deficiency in one area creates significant vulnerabilities in the others, allowing easy entry points for savvy criminals to exploit.

Of course, professional social engineers know this information, too. That’s why tactics like the “trusted vendor” scenario—which can exploit numerous vulnerabilities simultaneously—tend to be highly successful at organizations that have inadequate polices and procedures, limited security awareness training, and no formal system of tracking authorized vendors.

Next: A ‘trusted vendor’ scenario

KEYWORDS engineering / security / social

Related Articles

Protective Patterns

Ten Tips on Going Virtual

E-Signatures: A New Avenue for Forgery?

Recent Articles by David Blazier

Social Engineers Target Service Staff

Beware of Criminals Posing As 'Fellow Employees'

What You Don’t Know Really Can Hurt You

Don’t Ignore Threats From Behind the Firewall

Author

David Blazier

Post a comment to this article

Only In Print Own the Member Experience

Own the Member Experience

CUs find competitive differentiators beyond products and services

Amplifying the CU Message

Amplifying the CU Message

CUs create a big impact during election season.

Embrace a Living Wage

Embrace a Living Wage

Sustainable wages help CUs attract and retain staff.

App Digital Edition Subscribe

What's Trending

Compliance: Frequency of early intervention notices

The new mortgage servicing rule from the CFPB clarifies the frequency of required written early intervention notices. A mortgage servicer must provide notice to a delinquent borrower no later than the 45th day of the borrower’s delinquency.

CUNA to House subcommittee: Eliminate TCPA overreach

It is imperative that Congress take action to eliminate the negative consequences of last year’s changes to the Telephone Consumer Protection Act, CUNA wrote to a House subcommittee conducting a TCPA hearing Thursday.

TCPA, payday proposal covered in this week’s Advocacy Update

CUNA Chief Advocacy Officer Ryan Donovan discusses this week's congressional activities, as well as advocacy strategies for the CFPB's short-term, small-dollar loan proposal in this week's Advocacy Update video.

Your Say

What's the pace of staff turnover at your CU?

View Results Poll Archive