Human resources vulnerability assessment methods


Protection of information systems is becoming increasingly complex and effective. Subsequently attacking them is becoming more difficult and more expensive in terms of time and money.

People (their behavior) on the other side have always been the weakest link of information security, and are much easier and cheaper to attack and abuse.

Therefore the methods of assessing vulnerability of human resources of an organization are getting in the focus of interest.
The aim of this research is:

  • to develop a stepwise methodology for assessing vulnerability of employees (especially) against social engineering
  • that would direct organizational and financial efforts
  • in raising awareness, knowledge and skills of employees

In addition the aim is for those methods to be scalable, quick to deploy and cost effective.

© Laboratorij za sustave i signale - Copyright 2008 - 2013.