D.B.A. Baker College (Michigan), 2017.
Specialization: Information technology
Status of social engineering awareness in business organizations and colleges/universities
113 pages. UMI #: 10265376
Citation, Abstract & Full text in ProQuest Dissertations & Theses Database
Social engineers manipulate individuals into divulging confidential information or compromising personal or organizational security. The purpose of this qualitative case study was to examine the potential lack of social engineering awareness that affects employees at companies in southeastern Michigan. The research method consisted of interviews with 3 business and CIS/IT college faculty as well as 3 business/IT staff members. The theoretical framework supporting this study was Buller and Burgoon's interpersonal deception theory, which explains the interaction between a social engineer and his or her target. Research questions for faculty members pertained to the types of security courses included in the business curricula, the inclusion of the topic of social engineering, and plans for the inclusion of social engineering. Research questions for businesspeople pertained to the social engineering knowledge and skills that employers would like to see in new business graduates. Data were gathered through face-to-face interviews and analyzed by the researcher, a colleague, and the software, Atlas, to develop themes for each research question. Findings suggested social engineering is not familiar to business faculty but known to CIS/IT faculty, and students in IT security courses are aware of social engineering. This study contributed to the body of knowledge needed to address the lack of awareness of social engineering by bringing it to the attention of college faculty and business and IT personnel.