Social Engineering Platform (SEP)
 Posted on 18/04/2014 - 15:56
Idea Outline
Social engineering is the manipulation of employees to give classified information. The SEP solution educates users about the dangers of social engineering and provides companies with monitoring options of potentially risky behavior of employees.

The Challenge
60% of major information security breaches are the result of behavioral manipulation. In the Netherlands phishing e-mails caused banks €35 million worth of damages. No matter how advanced a security system is, it can be breached by manipulating employees. For this reason the human factor is known as the weakest link in information security. Most people are susceptible to clever manipulation of their behavior. Today criminals have many new high tech communication channels to their disposal to exploit these weaknesses. Despite the scale of the problem most people are still unaware of the threats involved.

The Solution

SEP is a new interactive e-learning platform with a mobile application, that both educates users and monitors the human factor risk in an organization .The platform utilizes the newest insights in didactical techniques concerning changes in attitude and behavior. Users are presented with case based real life dilemmas of which the dangers and techniques used are clarified. Other features that will be included on the platform are: presentations and exercises aimed at behavioral change of employees, a growing knowledge database with reports of suspicious information gathering attempts and information on recognizing and handling social engineering attacks. The platforms goal is to raise knowledge, awareness and practical skills concerning social engineering.

Target group and social impact
Social engineering attacks are a hazard to both individuals and companies. In the past two years, 48% of large businesses have suffered from social engineering attacks at least 25 times, resulting in losses of between €18,000 and €70,000 per incident, not regarding indirect costs like reputational loss, loss of productivity and emotional damage to employees. Everybody and every company handling confidential information is a potential target for social engineers. On European level, better informed companies/employees will save millions of euro's to losses due to social engineering.

Competences of the applicant
Insite Security offers information security solutions. Insite Security’s strength lies in their multidisciplinary approach that includes three elements: human factors, technical solutions and organizational policy. The Insite Security team specialists have the technical abilities to develop the platform and have extensive knowhow and experience of social engineering.

Video Link
None posted
Social Category
  • Other

  • Tecnology Category
  • Mobile
  • Web/Internet

  • Please log in to Rate this Idea

    Spot on idea. Finally a solution to adress weaknesses in 'OSI-layer 8' (humans)

    A good initiative to make people aware of the social dangers of going to cyberspace

    The problem is often sadly neglected and limited to the technical aspects. Therefore it deserves more attention, this multidisciplinary approach is a very good contribution.

    Good idea

    Finally someone is taking initiative to broaden security awareness for a large 'audience'.
    Let's make the world a little bit saver.
    Keep going!!