You have been assigned the task of developing a comprehensive social engineering awareness
program for a medium-sized company. The organization has expressed concerns about the increasing
sophistication of social engineering attacks and wants to educate employees to recognize and mitigate
these threats.
Assignment Tasks:
1. Social Engineering Threat Landscape Analysis: Conduct an analysis of the current social
engineering threat landscape. Identify common tactics such as phishing, pretexting, and baiting.
Discuss real-world examples of social engineering attacks and their potential impact on
individuals and the organization.
2. Employee Training Curriculum: Develop a training curriculum for employees focusing on social
engineering awareness. Outline specific topics, such as recognizing phishing emails, verifying the
identity of individuals requesting information, and avoiding social engineering traps on social
media platforms. Include practical examples and simulations.
3. Simulated Social Engineering Exercises: Propose a plan for conducting simulated social
engineering exercises within the organization. Outline the objectives, methodologies, and key
performance indicators for assessing employee responses. Emphasize the importance of
creating a safe environment for learning without causing undue stress.
4. Reporting and Incident Response Procedures: Establish reporting procedures for employees who
suspect they have been targeted by social engineering attacks. Develop an incident response
plan specifically for social engineering incidents, including the roles and responsibilities of
employees and the security team.
5. Measuring Awareness and E6ectiveness: Define key performance indicators (KPIs) and metrics
to measure the success of the social engineering awareness program. Discuss methods for
regularly assessing employee awareness levels, tracking reported incidents, and refining the
training curriculum based on the evolving threat landscape.
Your assignment must follow these formatting requirements:
· Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all
sides; citations and references must follow APA or school-specific format. Check with your
professor for any additional instructions.
· Include a cover page containing the title of the assignment, the student’s name, the professor’s
name, the course title, and the date. The cover page and the reference page are not included in
the required assignment page length.
The specific course learning outcomes associated with this assignment are:
· Compare and contrast the methods of disaster recovery and business continuity.
· Explain risk management in the context of information security.
· Use technology and information resources to research issues in disaster recovery.
· Write clearly and concisely about disaster recovery topics using proper writing mechanics and
technical style conventions.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and
language and writing skills, using the following rubric