eISSN: 3087-4297 editor@aimjournals.com
All Journals
Submit your article

International Journal of Cyber Threat Intelligence and Secure Networking

Open Access Peer Review International
Open Access

STRENGTHENING CYBER RESILIENCE: A COMPREHENSIVE EVALUATION OF SOCIAL ENGINEERING AWARENESS PROGRAMS

DOI
Dr. Thomas Becker 1 , Kevin Brooks 1 ,
4 Human Factors and Cyber Awareness Lab, University of Hamburg, Hamburg, Germany
4 Human Factors and Cyber Awareness Lab, University of Hamburg, Hamburg, Germany

Abstract

Social engineering remains one of the most effective and exploited attack vectors in the cybersecurity landscape, often targeting human vulnerabilities rather than technical flaws. This study provides a comprehensive evaluation of social engineering awareness programs aimed at enhancing organizational cyber resilience. Through a multi-layered assessment involving surveys, phishing simulations, and behavioral analysis across various enterprise environments, the effectiveness of existing training models is critically examined. Key factors such as program frequency, delivery methods (e.g., interactive modules vs. lectures), and user engagement levels are analyzed to determine their impact on long-term behavioral change and threat recognition capabilities. The results reveal that continuous, gamified, and context-aware training significantly improves user awareness and reduces susceptibility to phishing and other social engineering tactics. The study concludes with recommendations for designing adaptive, user-centric awareness programs that align with evolving threat landscapes, thereby strengthening overall organizational security posture.

Keywords

Cyber resilience, social engineering, cybersecurity awareness, phishing prevention

References

πŸ“„ Aldawood, H., & Skinner, G. (2019). Reviewing cybersecurity social engineering training and awareness programsβ€”Pitfalls and ongoing issues. Future Internet, 11(3),73. https://doi.org/10.3390/fi11030073
πŸ“„ Aloul, F. (2012). The need for effective information security awareness. Journal of Advances in Information Technology, 3(3), 176-183. https://doi.org/10.4304/jait.3.3.176-183
πŸ“„ Alsulami, H., Althobaiti, M., & Alfakeeh, A. (2021). Awareness of social engineering attacks in the education sector. Journal of Cybersecurity Education, Research and Practice, 2021(2), 1-15.
πŸ“„ Braun, V., & Clarke, V. (2006). Using thematic analysis in psychology. Qualitative Research in Psychology, 3(2), 77-101. https://doi.org/10.1191/1478088706qp063oa
πŸ“„ Brinkmann, S., & Kvale, S. (2018). Doing interviews (2nd ed.). SAGE Publications.
πŸ“„ BullΓ©e, J. W., & Junger, M. (2021). Social engineering: How psychological tactics make humans vulnerable. Computers & Security, 97, 101934. https://doi.org/10.1016/j.cose.2020.101934
πŸ“„ Creswell, J. W., & Poth, C. N. (2018). Qualitative inquiry and research design: Choosing among five approaches(4th ed.). SAGE Publications.
πŸ“„ Etikan, I., Musa, S. A., & Alkassim, R. S. (2016). Comparison of convenience sampling and purposive sampling. American Journal of Theoretical and Applied Statistics, 5(1), 1-4. https://doi.org/10.11648/j.ajtas.20160501.11
πŸ“„ Forrester. (2023). Protecting against the top five cybersecurity threats in 2023 requires a balanced approach. Forrester Reports.
πŸ“„ Hennink, M. M. (2013). Focus group discussions: Understanding qualitative research. Oxford University Press.
πŸ“„ Inspiroz. (2024). Social engineering attacks in education: 2024 prevention tactics. Inspiroz Blog. https://www.inspiroz.com
πŸ“„ Jaeger, L., & Eckhardt, A. (2020). Eyes wide open: The role of situational information security awareness for security-related behavior. Information Systems Journal, 31(3), 429-472. https://doi.org/10.1111/isj.12317
πŸ“„ Kroll. (2023). Q3 2023 threat landscape report: Social engineering takes center stage. Kroll Reports.
πŸ“„ Mouton, F., Leenen, L., & Venter, H. S. (2016). Towards an ontological model defining the social engineering domain. Computers & Security, 59, 186-209. https://doi.org/10.1016/j.cose.2016.03.006
πŸ“„ Nguyen, T., & Bhatia, S. (2020). Information security awareness in universities: The role of faculty and students. Education and Information Technologies, 25(1), 97-115. https://doi.org/10.1007/s10639-019-09972-7
πŸ“„ Patton, M. Q. (2015). Qualitative research & evaluation methods (4th ed.). SAGE Publications.
πŸ“„ Salahdine, F., & Kaabouch, N. (2019). Social engineering attacks: A survey. Future Internet, 11(4), 89. https://doi.org/10.3390/fi11040089
πŸ“„ USG. (2023). USG mandatory cybersecurity awareness training due April 28. COE FYI. https://fyi.coe.uga.edu/2023-04-usg-mandatory-cybersecurity-awareness-training-due-april-28/
πŸ“„ Wang, Z., Zhu, H., & Sun, L. (2021). Social engineering in cybersecurity: Effect mechanisms, human vulnerabilities, and attack methods. IEEE Access, 9, 11895-11910. https://doi.org/10.1109/ACCESS.2021.3052223
πŸ“„ Whitman, M. E., & Mattord, H. J. (2018). Principles of information security (6th ed.). Cengage Learning.
πŸ“„ Yerby, J. (2018). Faculty and staff information security practices and awareness: A study of higher education. Journal of Cybersecurity Education, Research, and Practice, 2018(1), 1-18.

Similar Articles

21-25 of 25

You may also start an advanced similarity search for this article.