Building Resilience in Critical Systems

In the late 2000s, email phishing rose from obscurity to front page news in a matter of months, alongside password guessing and viruses, as a main security concern for organizations and individuals alike. Phishing relied on social engineering and the absence of an authentication method for email, the latter allowing criminals to claim any identity they wanted and send emails appearing to come from their selected identity.