Security Awareness, Social Engineering and Insider Threats

This module examines the human factors in cybersecurity, particularly focusing on security awareness, social engineering tactics, and the risks posed by insider threats. It covers strategies to educate employees, methods used by attackers to exploit human vulnerabilities, and approaches to mitigate the risk of insider breaches.

Portal > Cybersecurity > Security Awareness, Social Engineering and Insider Threats

Curriculum Builder

View Curriculum

Wash, Rick. and Molly M. Cooper. “Who Provides Phishing Training? Facts, Stories, and People Like Me.” Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems. Association for Computing Machinery, New York, NY, USA, Paper 492, 1–12, 2018. DOI:https://doi.org/10.1145/3173574.3174066

Wen, Zikai Alex, Rowena Chen, Zhiqiu Lin, and Erik Andersen. “What.Hack: Engaging Anti-Phishing Training Through a Role-playing Phishing Simulation Game.” Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems. Association for Computing Machinery, New York,NY, USA, Paper 108, 1–12, 2019. DOI:https://doi.org/10.1145/3290605.330033

Blase Ur, Fumiko Noma, Jonathan Bees, Sean M. Segreti, Richard Shay, Lujo Bauer, Christin, Nicolas, and Lorrie Faith Cranor. “I added ‘!’ at the end to make it secure”: observing password creation in the lab (https://www.usenix.org/system/files/conference/soups2015/soups15-paper-ur.pdf) . In Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security (SOUPS ’15). USENIX Association, USA, 123–140: 2015.

Solove, D. J. “Privacy Self-Management and the Consent Dilemma.” Harvard Law Review, 2012.

Corradini (2020). Building a cybersecurity culture in organizations. How to Bridge the Gap Between People and Digital Technology (Vol. 284). Berlin/Heidelberg, Germany: Springer International Publishing

Bittau, Andrea, Adam Belay, Ali Mashtizadeh, David Mazieres, and Dan Boneh. “Hacking Blind.” In 2014 IEEE Symposium on Security and Privacy, 227–42. IEEE, 2014. doi:10.1109/SP.2014.22.

Atkins, Christopher. “Phishing Attacks.” February 18, 2021.