Options
Developing a risk-driven social engineering awareness raising policy for offshore professional services organizations
Author(s)
Ftanou, Victor
Date Issued
2024-05
Faculty
Ασφάλεια Υπολογιστών και Δικτύων / Computer and Network Security
Abstract
Globalization has been a part of our lives for several years. Globalization has also brought about major changes in the field of professional services. Organizations are now active everywhere with many of them located in specific locations specializing in such services, where thousands of offshore companies carry out work in the world.
The social engineering attacks are rising and are one of the top threats that organizations are facing. The dispersion of the offices in various geographical locations gives the opportunity to malicious actors to attempt to breach the security of the organizations and invade them causing problems, financial, business and many other types of nature. When the organization structure is complex, then this might benefit attackers to increase their opportunities to trick the employees into intercepting ways to access their information systems with consequent great damages, both financially and to the work environment.
This thesis aims to thoroughly study the problem of social engineering type attacks on offices of offshore (globalized) organizations that support other corporate offices of the organization outside of the country's territory where they operate and are scattered throughout the planet.
The purpose of the research is to study the conditions under which an organization can become the target of a social engineering attack by hackers, who aim not only to invade the specific organization, but also to other organizations that are possibly outside the country's territory and are supported by the organization, but also interactions between them. A risk assessment is performed to assess the impact of social engineering attacks across an offshore organization and drive the specification of a social engineering awareness raising policy.
The social engineering attacks are rising and are one of the top threats that organizations are facing. The dispersion of the offices in various geographical locations gives the opportunity to malicious actors to attempt to breach the security of the organizations and invade them causing problems, financial, business and many other types of nature. When the organization structure is complex, then this might benefit attackers to increase their opportunities to trick the employees into intercepting ways to access their information systems with consequent great damages, both financially and to the work environment.
This thesis aims to thoroughly study the problem of social engineering type attacks on offices of offshore (globalized) organizations that support other corporate offices of the organization outside of the country's territory where they operate and are scattered throughout the planet.
The purpose of the research is to study the conditions under which an organization can become the target of a social engineering attack by hackers, who aim not only to invade the specific organization, but also to other organizations that are possibly outside the country's territory and are supported by the organization, but also interactions between them. A risk assessment is performed to assess the impact of social engineering attacks across an offshore organization and drive the specification of a social engineering awareness raising policy.
Publisher
Ανοικτό Πανεπιστήμιο Κύπρου
Format
viii, 126 p., 30 cm.
File(s)
Loading...
Name
ΑΥΔ-2024-00147.pdf
Size
2.17 MB
Format
Adobe PDF
Checksum
(MD5):505aa462ac8fa5be16026c431745b9ac