Abstract
Social engineering attacks the weakest organizational security link – the human. The influx of employees using social media throughout the working environment has presented information security professionals with an extensive array of challenges facing people, process and technology. These challenges also show enormous impact on the confidentiality, integrity and availability of information assets residing within the organization. This paper aims to provide an in-depth insight into classification and mitigation of social engineering security issues faced by enterprises in adopting social media for business use.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Almeida, F.: Web 2.0 technologies and social networking security fears in enterprises. arXiv preprint arXiv:1204 (2012)
Bell, J.: Clearing the AIR. Communication World 27(1), 27–30 (2010)
Colwill, C.: Human factors in information security: The insider threat–Who can you trust these days? Information Security Technical Report 14(4), 186–196 (2009)
Furnell, S.: End User Security Culture – A Lesson That Will Never Be Learnt? Computer Fraud & Security, 6–9 (April 2008)
Gross, R., Acquisti, A.: Information revelation and privacy in online social networks. In: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, pp. 71–80. ACM (November 2005)
Gudaitis, The Impact of Social Media on Information Security: What every company needs to know (2013)
Hardy, C.A., Williams, S.P.: Managing information risks and protecting information assets in a Web 2.0 era. In: Proceedings of the 23rd Bled eConferenceeTrust: Implications for the Individual, Enterprises and Society, Bled, Slovenia, June 20-23 (2010)
He, W.: A review of social media security risks and mitigation techniques. Journal of Systems and Information Technology 14(2), 171–180 (2012)
ISACA. Social Media: Business Benefits and Security, Governance and Assurance Perspectives. An ISACA emerging technology whitepaper (2010)
King, P.: Cyber Crooks Target Social Networking Sites, Point for Credit Research & advice, 9 (January 1, 2008)
Meister, J.C., Willyerd, K.: The 2020 workplace. HarperCollins, New York (2010)
Rudman, R.J.: Framework to identify and manage risks in Web 2.0 applications. African Journal of Business Management 4(13), 3251–3264 (2010)
Sanders, B.G., Dowland, P.S., Furnell, S.: An Assessment of People’s Vulnerabilities in Relation to Personal and Sensitive Data. In: Proceedings of the Third International Symposium on Human Aspects of Information Security & Assurance (HAISA 2009), Athens, Greece, June 25-26, p. 50 (2009)
Savage, M.: Target the human. Cybercriminals are using social engineering fueled by social media to attack users and break into companies. Information Security (May, 2011)
Shogren, E.: BP: A textbook example of how not to handle PR. The message makers: inside PR and advertising, NPR (2011)
Symantec. Social Media Protection Flash Poll Global Results. Powerpoint Presentation (2011)
Turner, R.: The dawn of a new approach to security. Computer Fraud & Security 2010(4), 15–17 (2010)
Workman, M., Bommer, W.H., Straub, D.: Security lapses and the omission of information security measures: A threat control model and empirical test. Computers in Human Behavior 24(6), 2799–2816 (2008)
Wright, D.K., Hinson, M.D.: An analysis of the increasing impact of social and other new media on public relations practice. In: 12th Annual International Public Relations Research Conference, Coral Gables, Florida, vol. 7 (March 2009)
Young, K.: Policies and procedures to manage employee Internet abuse. Computers in Human Behavior 26(6), 1467–1471 (2010)
Zerfass, A., Linke, A.: Future trends in social media use for strategic organisation communication: Results of a Delphi study. Public Communication Review 2(3) (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wilcox, H., Bhattacharya, M., Islam, R. (2014). Social Engineering through Social Media: An Investigation on Enterprise Security. In: Batten, L., Li, G., Niu, W., Warren, M. (eds) Applications and Techniques in Information Security. ATIS 2014. Communications in Computer and Information Science, vol 490. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45670-5_23
Download citation
DOI: https://doi.org/10.1007/978-3-662-45670-5_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45669-9
Online ISBN: 978-3-662-45670-5
eBook Packages: Computer ScienceComputer Science (R0)