Overview
ABSTRACT
We present attack mechanisms linked to social engineering, such as phishing or smishing techniques. Their prevention in the context of Information Systems (IS) cybersecurity, where human vulnerabilities account for 74% of attacks, exploiting cognitive biases and human weaknesses, based on AI tools, is strategic.
Current countermeasures (training, prevention) remain limited. Dynamic and gaming approaches, reinforcing critical thinking, combined with organizational policies and integrating the human element as a key asset in a proactive security strategy, aim to anticipate future threats and yet unknown scenarios.
Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.
Read the articleAUTHORS
-
Florence SEDES: University Professor - University of Toulouse, formerly Toulouse 3 – IRIT
-
Jonathan DEGRACE: Cybersecurity consultant - IT Dexper
INTRODUCTION
The management of an organization's essential data is becoming increasingly sensitive as the risk of (cyber) attack increases: the Information System (IS) as a whole must be protected against financial, legal, reputational and other damage. Interconnections with other organizations, the increasingly widespread use of the Internet of Things (IoT –Internet des Objets) and the heterogeneity of different IS, are widening the attack surface usable by cybercrime, encouraging its growth:
74% of cyber attacks have a human component and are based on social engineering methods;
50% are phishing business emails.
The use of technologies such as generative AI and Machine Learning (ML) is increasing the quality and quantity of cyberattacks.
Social engineering is the use of human manipulation and deception techniques through digital tools, and is used against organizations as well as individuals. Social engineering attacks reveal the human element as the "weak link" in an organization's cyber defense. Depending on the cybersecurity prevention methods employed, results in terms of resistance to social engineering vary widely.
In this context, it is important to review the various factors that make it possible to design and, ultimately, prevent cyber-attacks early and effectively, in particular through collaboration between technical and human know-how.
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!

The Ultimate Scientific and Technical Reference
KEYWORDS
prevention | security of informations systems | cybercrime | attack | AI | social ingineering
CAN BE ALSO FOUND IN:
Home IT Security of information systems Social engineering and security of the information system - The need for prevention
Home IT Software technologies and System architectures Social engineering and security of the information system - The need for prevention
Home Innovations Technological innovations Social engineering and security of the information system - The need for prevention
This article is included in
Digital documents and content management
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
Social engineering and information system security
Bibliography
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!

The Ultimate Scientific and Technical Reference