Help Your Employees Guard Against Rising AttacksGuidehouse Security Director on Solutions to Stem Social Engineering Attacks
With social engineering attacks escalating, security organizations should embrace better cybersecurity awareness training to protect their organizations against insidious schemes, said Barry Coatsworth, director of risk, compliance and security at Guidehouse.
Social engineering attacks, especially pretexting tactics, have nearly doubled since last year, and they are effective at manipulating human psychology, particularly through exploiting trust and curiosity, said Coatsworth. He advocates proactive educational efforts, including one-to-one or small-group workshops. These initiatives aim to empower individuals with knowledge about the diverse tactics used by scammers, enabling them to recognize and resist manipulation.
Organizations need a culture of vigilance and continuous learning, Coatsworth said. "It's not a one-shot silver bullet. I've seen people well-versed and make mistakes because the link looks too real. Harboring a culture is important," he said.
In this interview with Information Security Media Group at Infosecurity Europe 2023, Coatsworth also discussed:
- Factors that contribute to the success of social engineering attacks;
- The role of technology in detecting and preventing social engineering attacks;
- The importance of social media policies within organizations to safeguard against potential risks from employees' personal accounts.
Coatsworth has over 30 years of experience in energy, finance and the public sector and is an internationally recognized cybersecurity expert and adviser. He was part of the Industry Advisory Group for the Cyber Essential Scheme in conjunction with the U.K.'s Department of Business, Energy and Industry Strategy and served as a research adviser to the Parliamentary Office of Science and Technology on big data, ethics and privacy. He has also written a number of articles and is currently working on two forthcoming books.