It encompasses a variety of hacking techniques that focus on exploiting humans rather than computers to compromise information network security.
IBM's Cyber Security Intelligence Index states that that 95 percent of all security incidents involve human error. One example is phishing scams. Hackers will send seemingly normal emails containing malicious attachments that can cause malware to be downloaded onto the user's device. This grants hackers a beachhead from which they can seek valuable information, such as intellectual property, banking systems, and customer information.
This is where emotional intelligence, or the capacity to navigate interpersonal relationships mindfully and empathetically, has a dark side. Social engineering attacks often leverage basic human emotions to manipulate and persuade people to fall for their ploys -- most notably greed, curiosity, fear, and empathy. They use deception to manipulate individuals into divulging confidential information--information that may then be used for non-altruistic purposes.
Social Engineering and Emotional Intelligence
High levels of EQ can make you more vulnerable to social engineering: your empathy can be a gateway point for hackers. For example, hackers might impersonate a friend on your social networks, claiming to urgently need money. I almost succumbed to this ploy once, when ne'er-do-wells claimed over Facebook Messenger to be former students of mine who were stuck in London without money.
Here are a few ways you can protect your business from social engineering hacks:
- Adopt an organization-wide perspective. See social engineering hacks as a company-wide threat. Empower your team to understand the role they play in information security.
- Have policies and protocols. Put explicit limits on what company information can be shared and with whom it can be shared. Set up internal protocols to verify identities, and ensure the confidentiality of sensitive information. For instance, when can a password be safely shared? With whom? Over what medium?
- Spread awareness. Help all members of your organization understand the diligence they are responsible for and make them aware of common social engineering techniques. You can't guard against something until you are aware of it.
- Hire "white hat hackers." Sporadically and randomly, hire law-abiding hackers to actively run social engineering hacks on the organization. This can identify vulnerabilities in real time.
- Remain vigilant. Hackers persevere, constantly trying new approaches to make their gains. Regularly review your information security with outside consultants to stay abreast of the latest techniques.
In recent years, increased awareness of emotional intelligence has been associated with more business success and a happier overall quality of life. Studies from Yale, Bar?Ilan University, and Cornell have all have shown the importance of emotional intelligence to various parts of life, showcasing the positive benefits of higher EQ in relationship to work, health, and relationships.
But when it comes to social engineering, EQ can make you more vulnerable. The same empathy that helps generate positive outcomes elsewhere can be exploited by nefarious individuals who seek to prey on human weakness.
So protect yourself and protect your organization through a combination of awareness, policies, protocols, and vigilance.