Social engineering (SE) is an attack vector employed by cybercriminals, where they utilize persuasion and manipulation of human behavior and psychology to convince individuals to reveal information, provide access or perform an action that can then be used to initiate and/or maintain cyberattacks. SE is becoming extremely relevant in cyberattacks. Approximately 70% of US organizations experienced SE attacks in 2017 and financial losses resulting from these attacks were estimated at $2.23 billion in 2019. Despite the prominent role of SE, it is downplayed in the cybersecurity curriculum at institutions of higher education.
In this talk, Dr. Rege shares her experience with designing cybersecurity experiential learning projects that emphasize the human factor in cyberattacks & security via SE. It offers a brief introduction to SE, how SE can be implemented in the classroom, and the role of ethics in teaching SE. The talk also covers Dr. Rege and her team’s efforts to scale these projects and make them accessible to a wider community of students and educators.
Aunshul Rege, PhD, Associate Professor, Temple University