Security threats explained: Social engineering


"The cost of such security breaches can be enormous for an organisation," McKinnel says. "Not only can valuable intellectual property be stolen, but there is the danger of breaching regulatory and compliance issues, the risk of immeasurable damage to a brand/customer confidence and the fall out of auditing and legal costs."

Bitdefender's Cosoi says social media is a very important vector for targeted attacks against companies. "The future of such attacks lies in social malware and social engineering-- convincing people to infect themselves by installing applications that have a background agenda."

Check Point's McKinnel says the best way to mitigate the risk of social engineering is a mix of technology, simple security policies and user awareness.

"Having a simply-written security policy that staff and users can understand is key, and that policy needs to be supported by regularly repeated education focusing on the implications of security issues rather than just the rules," he says.