Enhanced social engineering framework mitigating against social engineering attacks in higher education

Abstract

The purpose of this paper was to develop and validate an enhanced social engineering framework to mitigate against social engineering attacks. The study formulated a theoretical framework which was informed by the strengths and weaknesses of existing social engineering frameworks, the framework was also guided by the Dhillon's balanced control theory. The theoretical framework was validated by experts using the Delphi technique which comprised of three rounds. A sample of 25 experts from three higher education institutions which met the inclusion criteria were selected. The study was guided by the interpretivism philosophy to get a deep understanding of the phenomenon under study. The findings reveal that social engineering awareness, organizational security policy and Internet of Things (IOT) security succor in reducing social engineering attacks. The findings from this study will be utilized by decision makers in higher education sector to come up with engaging social engineering training programs, set up an organizational security policy and preclude IOT attacks to mitigate social engineering attacks in higher education. The study contributes to the field of social engineering with an enhanced social engineering framework that mitigate against social engineering attacks. The study adds to under-represented social engineering framework in higher education.