If asked to explain what they know about cyber security, most people would likely respond with an answer that references hackers, computer viruses, or some form of basic information security they learned at their job. Far fewer people would cite a technical aspect of cyber security unless it was related to their work, and fewer still would reference social engineering attacks. This is not very surprising given that social engineering is not itself a technical concept or attack method despite it being to one of the more successful ways that threat actors gain unauthorized access to private networks. And the reason for social engineering’s ongoing success is because it targets the weakest link in the security chain: people. And advances in artificial intelligence (AI) are expanding its success rate.
