CAN ALERTNESS OF EMPLOYEES SAVE ORGANISATIONS FROM HACKERS USING Essay

CAN ALERTNESS OF EMPLOYEES SAVE ORGANISATIONS FROM HACKERS USING SOCIAL ENGINEERING FOR CYBER ATTACKS - Essay Example In their actions, hackers in the contemporary society use the most sophisticated of malware to attack information systems and networks in ways never seen before. Nevertheless, the initial role of social engineering in these attacks is core and cannot be overlooked due to the technologies used. Social engineering is hackers’ equivalent of a con or a trick, which makes the target people or systems to think someone, something or an action, is safe, trustworthy and familiar while in reality it is not (Kiountouzis & Kokolakis, 2011). The most common of social engineering con tricks often involve the hacker sending an e-mail to the target person or system. This e-mail if first tailored so that it appears to have come from a trustworthy sender. However, these con e-mails often contain links that when opened or clicked, directs a computer to a malware, which is in turn downloaded by the user on the target computer or system (Kiountouzis & Kokolakis, 2011). At this stage, the hacker em ploys the Remote Access Tool (RAT) to search through the computer network and/or infect other computers or networks. Social engineering is today exploited by hackers to bring down or access others’ computer/information networks and obtain information in the comfort of their homes provided they are sure their target will most likely be sitting at their computers (Kiountouzis & Kokolakis, 2011). ... This paper explores the various types of cyber and security threats to which information and technology companies and there ISs are exposed and the role of employee alertness in averting these threats, particularly those originating from hackers’ using social engineering. In this regard, the paper is a case study of an information security breach at one of the most renown IT security firms in the United States, the RSA. After addressing how RSA responded to the breach, the paper explores the role of employee alertness in averting such threats in the future. However, it is of the essence to first have a general understanding of the various techniques that hackers use to breach information security systems and obtain information illegally. The Protection Motivation Theory This paper will employ the protection motivation theory to explain the role and importance of employee alertness in assisting IS firms in detecting and preventing security breaches via social engineering techni ques. According to this theory employees will always protect themselves based on certain core factors. These factors include but are not limited to the probability of the occurrence of a security threat or breach, the suspected or expected severity of the threat, the vulnerability of the possible victims, the efficacy of the response/preventive mechanisms or behaviours. The motivation to protect oneself and property emanates from the evaluation of threats as well as the ability to cope with the threats or its effects. In the threat assessment context, employees of IS and IT companies are expected to be able to appraise the severity of possible social engineering threats and the seriousness of the situation once it occurs. On the other hand, the coping