This thesis is the end result of the graduation project with the title ‘Managing social engineering risk’ and subtitle ‘Making social engineering transparent’. This research project focuses on social engineering in organizations and addresses the following questions; what is social engineering and who is this social engineer, what are the threats to organizations, how can these threats be identified and which countermeasures can be taken to mitigate the risk of social engineering?
The answers to these questions will lead to a social engineering risk management model to make the risks of social engineering more transparent and help organizations implement mitigating controls against social engineering.
A frequently overlooked factor in information security is the human, and more specifically the manipulation of a person to compromise information security. This thesis focuses on making the risks of this ‘social engineering’ transparent. And helping organizations manage these risks through a social engineering risk management model.
The research consists of:
* Elaborate theoretical research on social engineering and related subjects.
* Qualitative empirical research verifying the theory, generating comments on a preliminary social engineering risk management model and requirements for the final model.
* The proposal of a social engineering risk management model.
* Conclusions and recommendations.
File Type: PDF
File Size: 1.29 MB
Total Pages: 130
Direct Link Mega:
Direct Link AnonFiles:
Direct Link Mediafire:
Direct Link Solidfiles:
Direct Link Sabercathost:
Direct Link Tusfiles: