The human element is the least secure and least controlled aspect of enterprise security. Because of the inherent vulnerability of human trust, we are prone to the tactics of social engineering. Social engineering: the primary method of convincing humans to give up sensitive data or click on a malicious link takes many forms. Common communication methods such as e-mail, social networking, and even the telephone are used to trick humans for malicious purposes. This chapter will focus on the human element of security and provide methods to protect against well-executed social engineering attacks. The importance of effective security awareness training will be presented, along with methods for securely using ...