Employee protection model against social engineering attacks
Authors
1 PhD in Information Technology Management and Assistant Professor at Command University and Aja Headquarters
2 PhD in Operational Research and Assistant Professor of Khatam Al Anbia Air Defense University (PBUH)
Abstract
Today, activity in the cyber space is important because the organizations in charge of the matter need speed and ease in collecting and analyzing data and information related to other organizations in charge of defense security at the level of the country. The purpose of this research is to provide a model of protecting employees against social engineering attacks and providing solutions to increase the security factor of this type of organization against social engineering attacks, especially ransomware. In this research, information and data were collected by library and field methods. The tools of the present research are interviews with experts and a questionnaire containing a number of questions about the measured variables of the studied society, whose validity and reliability were also calculated and evaluated as optimal. The statistical population of this research includes information technology experts of one of the defense units located in Tehran. The number of statistical samples of the research is calculated based on Morgan's innovative table and simple stratified random sampling method. Data analysis has also been done in two parts, descriptive and inferential, and at the end, the model of employee protection against social engineering based attacks included 6 dimensions and 18 statistical components. This model provides a suitable tool for standardizing and evaluating the organization's actions to secure employees and deal with social engineering attacks.
Keywords
