Johannesburg, 02 Apr 2012
Social engineering has been a problem for decades. The difference in the information era is that there are a lot more channels and a far wider target for it.
This is the view of Raj Samani, VP and CTO of McAfee EMEA, who will be a speaker at ITWeb's annual IT Security Summit, in Sandton, in May.
Samani notes that anyone is susceptible to momentary lapses in judgement, and anyone can be taken in by confidence tricksters. The problem today, he says, is that the Internet and social media deliver a far higher number of targets for social engineering attacks.
“Even if the success rate of a spam campaign is as low as 0.1%, that isn't bad if you've spammed millions of people,” he points out. “If a cyber criminal manages to defraud only 10 or 20 people, but gets millions out of each, that's worth their while.”
Because clever social engineering can deliver a cyber criminal into the heart of a company's information, enterprises need to approach the problem through a number of controls, Samani says.
“There's no silver bullet, and it isn't just about the technologies in place,” he says. “Companies need to have a culture in which employees feel comfortable telling their colleagues and superiors that they may have been targeted in a social engineering attack, so that steps can be taken immediately to counter potential damage.”
The ITWeb Security Summit and Awards takes place from 15 to 17 May 2012. For more information and to reserve your seat, please click here.
Share