Discuss below in a 2500 words:
Information Security and Social Engineering
To protect their information, organizations now allocate a significant portion of their information technology budget on security processes andtechnology.
Despite this increased investment, social engineering remains an ongoing threat to organizations by targeting the weakest link in any organization's security strategy - its people.
What is social engineering? Describe how social engineering is used to target organizations (and individuals), including the approach used and the intended outcome? Why do these schemes work?
How real is this risk for businesses today? Provide industry metrics to quantify the risk and impact.
What steps are organizations taking to combat social engineering as a threat?
What (some of the) tools do these "social engineers" use to achieve their goals?
How will social engineering have an impact as technology evolve and become complex?
What are some of consequences if social engineering is used on SCADA systems?