How is 'social engineering' defined in the context of cyber threats?

Social engineering, in the context of cyber threats, is defined as the manipulation of individuals into divulging confidential information. This technique exploits human psychology rather than relying solely on technical hacking methods. Cybercriminals often use social engineering tactics to create a sense of urgency, fear, or trust, prompting individuals to provide sensitive details such as passwords, financial information, or access to secure systems.

This focus on human interaction contrasts sharply with other methods of cybersecurity, such as employing encryption methods or conducting network penetration tests, which are more technical in nature and rely on the security of systems and data rather than the behavior of individuals. The essence of social engineering lies in the ability to deceive individuals into compromising security without needing direct access to technical systems.