Picture it: you are at the next technology conference boasting about how you just spent your entire IT budget to buy the best security equipment on the market. You have earned the admiration of your peers. And then comes a call from the IT department. An employee has compromised your system by clicking on a malicious link in a phishing email, thinking it was a legitimate message from the helpdesk.
Social engineering is what happens when an individual uses manipulative tactics to have an employee bypass network security in order to access otherwise confidential information. This manipulation can take the form of a spam email, a phone call pretending to be an angry customer, or even someone walking through the front door impersonating a vendor.