REAL

Beyond Technology: Uncovering Social Engineering Vulnerabilities Through Integrated Phishing Simulation and Physical Security Audit

Bányász, Péter and Dub, Mate and Szádeczky, Tamás and Bányász-Váczi, Kincső Boróka (2025) Beyond Technology: Uncovering Social Engineering Vulnerabilities Through Integrated Phishing Simulation and Physical Security Audit. In: Proceedings of the Central and Eastern European eDem and eGov Days 2025 (CEEeGov 2025). ACM Press, New York, pp. 198-204. ISBN 9798400721977

3773002.3774811-Beyond_technology.pdf - Published Version
Available under License Creative Commons Attribution.


Abstract

This study examines cybersecurity vulnerabilities, with a particular emphasis on the human factor, through a phishing simulation and a physical security audit conducted within a Hungarian organization. The objective was to evaluate the security awareness of employees and their responses to genuine threats. Throughout the three-day phishing campaign, over half of the participants engaged with the deceptive email, and nearly one-third disclosed their company credentials. The on-site audit identified more than fifty significant vulnerabilities across eight risk categories, including unsecured data storage devices and visible passwords. Although the demographic analysis did not reveal notable differences, it was observed that younger employees (ages 20–34) showed a higher susceptibility. Following the campaign, there was a rise in the number of suspicious reports submitted to the security department, indicating an enhancement of security-conscious behavior among staff. The findings underscore the notion that information security resilience is intrinsically linked to organizational culture, employee behavior, and everyday practices. The research provided practical insights, enabling the organization to implement targeted interventions and demonstrating that the development of security awareness is an ongoing learning process. Ultimately, the study asserts that the human factor should not only be regarded as a source of error but also as a developable competency and a crucial element of organizational defense.

Item Type: Book Section
Uncontrolled Keywords: phishing, social engineering, cybersecurity, human element, risk assessment
Subjects: H Social Sciences / társadalomtudományok > H Social Sciences (General) / társadalomtudomány általában
J Political Science / politológia > J0 General legislative and executive papers / állam- és jogelmélet általában
SWORD Depositor: MTMT SWORD
Depositing User: MTMT SWORD
Date Deposited: 26 Feb 2026 13:23
Last Modified: 26 Feb 2026 13:23
URI: https://real.mtak.hu/id/eprint/235049
