ABSTRACT
In the world of information technology (IT), 4 years is akin
to an eternity. There has been no satisfying answer reached
on how to mitigate the risk, no meaningful or valid statis-
tics related specifically to SE exist, and most organizations
have opted for the ostrich approach-burying their heads
in the sand and hoping it will all go away. Sadly, this
landscape is not a new one. One thing that has changed,
however, is the fact that attacks using SE have skyrocketed
(e.g., identity theft, phishing). This entry is a call to arms,
of sorts. If proactive steps in dealing with SE are not taken
(and not just throwing more technology at the problem), its
impact will become even greater than it is today.