A technology firm receives repeated messages from a group threatening to release confidential data as a form of protest. The security team confirms that the attackers are driven by a desire to draw attention to social issues. Which approach best addresses the risk of unauthorized disclosure in this scenario?
Focus on advanced encryption of sensitive data
Introduce specialized employee awareness sessions focusing on unusual behaviors associated with cause-based infiltration
Prohibit remote access for standard users
Implement a new perimeter firewall with stricter egress rules
Specialized employee awareness sessions focused on recognizing signs of socially driven infiltration are effective. Attackers motivated by a cause frequently target human factors by seeking sympathetic insiders or exploiting social engineering strategies. While stronger perimeter defenses, improved encryption, or restricted remote access are beneficial, they do not directly address the human element of protest-related infiltration. Security training tailored to this type of threat helps employees detect suspicious behaviors and report them promptly, reducing the likelihood of unauthorized disclosure.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is cause-based infiltration?
Open an interactive chat with Bash
Why is employee awareness training so effective against social engineering attacks?
Open an interactive chat with Bash
How are perimeter defenses different from addressing the human element in security?