HU will be closed for the Winter break from December 24th through January 1st. We encourage you to submit any urgent tickets prior to December 23rd. We will have a limited staff checking on tickets during the break, but your ticket may be delayed or addressed until our return on January 2nd. We wish you a safe and healthy holiday season!

Social Awareness in Cybersecurity

The Importance of Social Awareness in Cybersecurity


As we continue with Cybersecurity Awareness Month, it is extremely important to discuss the concept of Social Engineering. While you may be familiar with technical threats, social engineering is a different kind of danger — one that targets you rather than your computer. It relies on human interaction and psychological manipulation to trick us into revealing confidential information or performing actions that compromise our organizations security.


What is Social Engineering?

Social engineering attacks come in many forms, such as phishing emails, fraudulent phone calls, random malicious flash-drives, or even someone pretending to be a coworker. These methods exploit human trust, curiosity, and urgency. Cybercriminals often pose as someone you know or create a situation that pressures you into sharing sensitive data, clicking a malicious link, or downloading harmful files.


Real-Life Examples:

  • Phishing Emails: You receive an email that looks like it’s from a trusted source (HR, IT, or a known vendor) asking you to reset your password or provide confidential information.
  • Pretexting: An attacker pretends to need important information to confirm your identity, claiming it’s for a legitimate reason (e.g., IT assistance).
  • Malicious Flash-Drives: Random flash-drives placed in specific locations with the goal to have an employee plug the flash-drive into a device out of curiosity of what is on it.
  • Tailgating or Piggybacking: Someone follows you into a restricted area, pretending to be an employee who forgot their badge.


Why is Social Awareness So Important?

Cybersecurity is not just an IT responsibility — it’s a company-wide commitment. Many breaches are a result of human error, not just system vulnerabilities. By being aware of these tactics, you can protect not only your personal information but also the company’s critical data and resources.


Key Tips to Stay Protected:

  • Think Before You Click: Always double-check links and attachments, especially in unexpected or urgent messages.
  • Verify Requests: If someone asks for sensitive information or access, verify their identity through different processes.
  • Report Suspicious Activity: When something doesn’t feel right, it probably isn’t. Report any suspicious emails or interactions to IT and the Security team immediately.
  • Stay Educated: Follow our forums and newsletters, as well as trainings, to stay updated on the latest social engineering tactics and best practices.


A Shared Responsibility

We all play a role in maintaining our company's cybersecurity. By staying alert, questioning unexpected requests, and being mindful of how we share information, we can prevent social engineering attacks and safeguard our workplace.


Thank you for your vigilance and commitment to security!


If you have any questions or want to participate in discussion, feel free to reply to this topic or submit a ticket to the help desk!

Login to post a comment