- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Type of Threat or Opportunity
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
- Type of Threat or Opportunity
- >
- Societal, organisational, personal
- >
Social engineering
In the context of information security, social engineering is the psychological manipulation of people into performing actions or revealing confidential information. This differs from social engineering within the social sciences, which does not concern the revealing of confidential information. Social engineering is a type of confidence trick for the purpose of information gathering, fraud, or system access. It differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. Social engineering happens in both the physical and digital domain or both.
All social engineering techniques are based on specific attributes of human decision-making known as cognitive biases. These biases, sometimes called "bugs in the human hardware", are exploited in various combinations to create attack techniques. Examples are attackers that appeal to natural curiosity or helpfulness of their victims and use authority, urgency or intimidation to pressure them. The attacks used in social engineering can be applied to steal employees' confidential information. The most common type of social engineering happens over the phone (vishing), via SMS (smishing) or e-mail (phishing). Other examples of social engineering attacks are criminals posing as exterminators, fire marshals and technicians to go unnoticed as they steal company secrets. Countermeasures include training of employees or users, limit access and install additional security measures for sensitive access and information, establish security protocols, perform security reviews and test the system.
Related Keywords: con artist, CEO fraud, phishing, spear phishing attacks, phishing emails, whaling, clone phishing, voice phishing, SMS phishing, tailgaiting.
In the context of information security, social engineering is the psychological manipulation of people into performing actions or revealing confidential information. This differs from social engineering within the social sciences, which does not concern the revealing of confidential information. Social engineering is a type of confidence trick for the purpose of information gathering, fraud, or system access. It differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. Social engineering happens in both the physical and digital domain or both.
All social engineering techniques are based on specific attributes of human decision-making known as cognitive biases. These biases, sometimes called "bugs in the human hardware", are exploited in various combinations to create attack techniques. Examples are attackers that appeal to natural curiosity or helpfulness of their victims and use authority, urgency or intimidation to pressure them. The attacks used in social engineering can be applied to steal employees' confidential information. The most common type of social engineering happens over the phone (vishing), via SMS (smishing) or e-mail (phishing). Other examples of social engineering attacks are criminals posing as exterminators, fire marshals and technicians to go unnoticed as they steal company secrets. Countermeasures include training of employees or users, limit access and install additional security measures for sensitive access and information, establish security protocols, perform security reviews and test the system.
Related Keywords: con artist, CEO fraud, phishing, spear phishing attacks, phishing emails, whaling, clone phishing, voice phishing, SMS phishing, tailgaiting.
close