Information security is about people, yet in most organizations protection remains focused on technical countermeasures. The human element is crucial in the majority of successful attacks on systems and attackers are rarely required to find technical vulnerabilities, hacking the human is usually sufficient.Ian Mann turns the black art of social engineering into an information security risk that can be understood, measured and managed effectively. The text highlights the main sources of risk from social engineering and draws on psychological models to explain the basis for human...