The status of information security systems in banking sector from social engineering perspective
Author: | Malik Qasaimeh, Raad S. Al-Qassas, Yousef Al Gharaibeh, Rand Abu Hammour |
---|---|
Year of publication: | 2019 |
Subject: | Phishing attack; Corporate governance; Social engineering (security); Information technology; Networking & telecommunications; Engineering and technology; Information security; Computer security; Phishing; Banking sector; Electrical engineering, electronic engineering, information engineering; Artificial intelligence & image processing; Business |
Source: | DATA |
Description: | Social Engineering Attack has recently become a real threat affecting organizations, and 53.9% of such attacks target the banking sector. Successful attacks violate privacy by breaching sensitive data, and can cause huge financial loss for organizations and individuals, alongside reputational damage for firms. Although banks invest extensive resources in cyber security, with large budgets spent on securing their hardware and software, the human factor offers numerous weaknesses that can be easily exploited, and real and pertinent security challenges remain serious threats. This paper presents an information technology governance framework applied on a Jordanian bank to protect the system from social engineering attack. We worked on a case study that mainly focuses on phishing attack, which is considered one of the most common threats in banks, and the way staff will deal with it. The results show positive improvements in staff awareness and in avoiding such types of attacks, as well as a marked increase in reporting any suspicious activity noticed by employees. |
Database: | OpenAIRE |
External link: |