A New Role for Human Resource Managers: Social Engineering Defense

[Excerpt] The general risk of social engineering attacks to organizations has increased with the rise of digital computing and communications, while for an attacker the risk has decreased. In order to counter the increased risk, organizations should recognize that human resources (HR) professionals have just as much responsibility and capability in preventing this risk as information technology (IT) professionals. Part I of this paper begins by defining social engineering in context and with a brief history pre-digital age attacks. It concludes by showing the intersection of HR and IT through examples of operational attack vectors. In part II, the discussion moves to a series of measures that can be taken to help prevent social engineering attacks

Handling Human Hacking: Creating a Comprehensive Defensive Strategy Against Modern Social Engineering

Social engineering is one of the most devastating threats to any company or business. Rather than relying upon technical flaws in order to break into computer networks, social engineers utilize a suave personality in order to deceive individuals through clever conversation. These devious conversations frequently provide the attacker with sufficient information to compromise the company’s computer network. Unlike common technical attacks, social engineering attacks cannot be prevented by security tools and software. Instead of attacking a network directly, a social engineer exploits human psychology in order to coerce the victim to inadvertently divulge sensitive information. Further complicating the issue, the rise in popularity of social media has vastly increased the arsenal of information available to the social engineer to utilize when targeting individuals. Ultimately, this paper will describe the danger posed by social engineering attacks before detailing a comprehensive strategy to defend against the threat, accounting specifically for the dangers posed by social media and psychology

Education in 'life cycle sustainability assessment': caring for all 3 P's in one

Starting from the observation that externalities, reflecting societal concerns, emerge from costs and benefits which are not reflected in the market price, the authors of the paper emphasize the importance in education of life cycle sustainability assessment (LCSA) as a triple-bottom line tool to assess the three dimensions of sustainable development (environment, social and economy) – often referred to as the inclusive 3 P’s-approach (planet, people and profit) – of products, from cradle to grave. Especially the social LCA, as part of the overarching LCSA, has been developed to identify and to assess the social conditions throughout the life cycle of a product in order to improve human well-being. The concept of ‘social justice’ and its operationalization form the background for the development of different stakeholder categories, subcategories and indicators to undertake the social and socio-economic assessment. Two international publications (Benoît and Mazijn, 2009; Valdivia et al., 2011) are used during teaching and training session to give an overview of the social LCA and the LCSA. These guidance for the assessment of products resulted from inter- and multidisciplinary work. It was developed with the support of the authors, who have all an engineering background, but who worked for ten years now together, inter alia, with experts from social sciences. Different training sessions have been set up and LCSA (incl. social LCA) has been part of courses at universities, all with multiple objectives of a learning curve for engineering education within the context of sustainable development. Based on that experience in different countries, the authors are formulating recommendations for future educational material. Looking back at the Declaration of Barcelona (EESD 2004) and comparing with the objectives of the formal and non-formal education on LCSA, the authors claim that LCSA (and the on-going research) provides an excellent opportunity to fulfil the requirements of Engineering Education for Sustainable Development. Answering the question ‘What is a sustainable product?’ by using LCSA is learning to deal with complexity and uncertainty across the boundaries of a diversity of disciplines

Language engineering - a champion for European culture

Language is key to culture. It is a direct cultural medium as well as a means of recording and providing access to non-lingual elements of culture. Language is also fundamental to a sense of cultural identity. For this reason, it is vital, in a changing Europe, that we preserve the multi-lingual character of our society in order to move successfully towards closer co-operation at a political, economic, and social level. Language engineering is the application of knowledge of language to the development of computer software which can recognise, understand, interpret, and generate human language in all its forms. The paper provides a high level view of the ‘state of the art’ in language engineering and indicates ways in which it will have a profound impact on our culture in the future. It shows how advances in language engineering are an important aid in maintaining cultural diversity in a multi-lingual European society, while enabling the development of social cohesion across cultural and national divides. It addresses issues raised by the prospect of the Multi-lingual Information Society, including education, human communication with technology and information management, as well as aspects of digital cities such as tele-presence in digital libraries, virtual art galleries and electronic museums. The paper raises the issue of language as a factor in cultural domination, showing the contribution that language engineering can make towards countering it. The paper also raises a number of controversial issues concerning the likely benefits arising from the ways in which language is likely to influence the culture of Europe

Resolving Multi-party Privacy Conflicts in Social Media

Items shared through Social Media may affect more than one user's privacy --- e.g., photos that depict multiple users, comments that mention multiple users, events in which multiple users are invited, etc. The lack of multi-party privacy management support in current mainstream Social Media infrastructures makes users unable to appropriately control to whom these items are actually shared or not. Computational mechanisms that are able to merge the privacy preferences of multiple users into a single policy for an item can help solve this problem. However, merging multiple users' privacy preferences is not an easy task, because privacy preferences may conflict, so methods to resolve conflicts are needed. Moreover, these methods need to consider how users' would actually reach an agreement about a solution to the conflict in order to propose solutions that can be acceptable by all of the users affected by the item to be shared. Current approaches are either too demanding or only consider fixed ways of aggregating privacy preferences. In this paper, we propose the first computational mechanism to resolve conflicts for multi-party privacy management in Social Media that is able to adapt to different situations by modelling the concessions that users make to reach a solution to the conflicts. We also present results of a user study in which our proposed mechanism outperformed other existing approaches in terms of how many times each approach matched users' behaviour.Comment: Authors' version of the paper accepted for publication at IEEE Transactions on Knowledge and Data Engineering, IEEE Transactions on Knowledge and Data Engineering, 201