A comprehensive guard against social engineering in the digital age – ET CISO

Brijesh Balakrishnan, Vice President & Global Head of Cybersecurity Practice, Infosys

Social engineering attacks are an exercise in deception, with cybercriminals exploiting human vulnerabilities rather than technical flaws. These attacks play on psychological traits such as curiosity, trust, and fear to extract sensitive information or compel the victim into an undue action. The broad spectrum of social engineering attacks includes phishing, pretexting, baiting, and tailgating, leveraging a complex web of human behaviors to unfurl their malintent.

Recent trends on the upheaval

The field of social engineering is evolving rapidly with the advent of AI. AI-driven forgeries closely resemble real communications. Phishing attacks use advanced language models to mimic writing styles effectively. Tools like ChatGPT expand targeted attacks, like harpoon whaling, by identifying victims based on financial status. Deepfakes complicate security, creating convincing synthetic media for spreading misinformation. This is concerning during an election year with over 50 nations facing risks. AI enables bots to conduct social engineering attacks, blurring human-bot interactions. The Scattered Spider attack is another complex cyber threat that uses social engineering, such as phishing and impersonation, to trick people into exposing sensitive data or granting access to systems. It bypasses standard security through psychological manipulation. Businesses see a rise in email compromise attacks, highlighting the need for vigilance and security measures. In view of these trends, enterprises must use advanced detection systems to combat cyber threats.

Strengthening the fortitude against social engineering

Legislation plays a crucial role in controlling social engineering. Regulations defining responsible AI use act as a defense against harmful applications, setting standards and promoting accountability. This helps enterprises take an ethical approach to utilizing AI. In addition, they must also consider the following strategies.

Structured cyber awareness training programs

The human touchstone in cybersecurity cannot be neglected. An aware and educated workforce forms the bedrock of an enterprise’s defense mechanism. Regular cyber awareness training sessions must be woven into the organizational fabric. These should not be one-off events but ongoing experiences, tailored to each employee’s role, and subject to evolution in tandem with the threat landscape.

Adoption of advanced detection systems

The AI revolution in cybersecurity is well underway, offering sophisticated tools to augment our defense array. Leveraging AI algorithms for real-time analysis of email communications does not just automate the vetting process; it endows the system with the capacity to learn from historical data and adapt to future threats. This predictive power is invaluable, turning the tide from a reactive to a proactive stance against social engineering ploys.

Zero Trust architecture – trust but verify

The Zero Trust model of security is predicated on the idea that no request for access and no user should be automatically trusted. Instead, a litany of verifications at each juncture ensures a watertight system that remains guarded against breach. By mandating strong authentication protocols like Multi-Factor Authentication (MFA), enterprises can enforce stringent checks on user identities and behavior, creating an ecosystem where the onus is on continuous validation.

Responsible deployment of AI

AI, as a double-edged sword, must be wielded responsibly. The malicious deployment of AI for social engineering attacks can have devastating consequences, which is why enterprises must be cognizant of the tools they employ. A set of ethics governing the use of AI in business is not just the moral high ground; it is a strategic policy that underscores the ethos of an enterprise and its commitment to societal well-being.


The digital age is fraught with pitfalls, now more than ever. The dynamic landscape of social engineering calls for a synergy between technological innovation and deep-rooted cultural transformation within enterprises. We have peeled back the layers to reveal the nuanced tapestry of threats that comprise social engineering attacks and have outlined the blueprints for robust responses.

There is no one-size-fits-all solution in the realm of cybersecurity. Every enterprise is a cog in the larger wheel of a global security paradigm, where collective wisdom and shared experiences pave the way forward. By embodying the learnings from this guide, enterprises can pivot from passivity to proactivity, and stand resolute against the advancing tides of social engineering attacks.

In the end, it is a collective defense in an interconnected world. Each entity is a guardian of not just its own sanctity, but a custodian of the larger communal security fabric. The battle lines have been drawn by the ingenuity of social engineering; now, it is time for us to pen our victories through foresight and collaboration.

The author is Brijesh Balakrishnan, Vice President & Global Head of Cybersecurity Practice, Infosys.

Disclaimer: The views expressed are solely of the author and ETCISO does not necessarily subscribe to it. ETCISO shall not be responsible for any damage caused to any person/organization directly or indirectly.

  • Published On Jun 12, 2024 at 01:15 PM IST
