In my opinion, the human factor will be crucial in the future context, in fact, as we know, the strength of a chain is equal to the weakest of its rings.
Then also the strength of the chain of defence against cyber attacks has the same feature...
Because the weakest link is the user. It then becomes necessary and a priority, to enforce, to create in the user, the awareness of being the weak link exposed to targeted attacks to steal data.
Too often we do not realize how much information we expose about ourselves, about our travel, on who we are, where we work, when we are in a place... all of this happens at times subconsciously, in our interactions with the "social world". And often the thought of “who might be interested in me” justifies an attitude too superficial in providing this information.
Awareness means to be aware of how simple it is for an attacker, interested in correlating the information, to plan a targeted attack.
I strongly believe that social engineering attacks will be the biggest plague of the near future.
No antivirus can detect these attacks and "they" know this.
