Analysis and protection against social engineering in a specific company

The thesis is divided into a practical and theoretical part, where the practical part is processed by the method of linear search and provides an insight into social engineering and cyber-attacks. The aim of the theoretical part is to provide a comprehensive view of social engineering and to summarise the current state of the industry, which provides the context for the practical part. It describes how these concepts are related and how their combination threatens contemporary societies and individuals. The thesis also describes the evolution of social engineering and cyber threats from their origins to the present day, including an analysis of historically significant attacks in the sector. A large section is dedicated to the methods just mentioned and the threats they pose to today's society and how they can be dealt with, including identifying current trends and future challenges. Last but not least, the legislative and normative aspects of cyber security from the perspective of the Czech Republic and the EU are mentioned. The aim of the practical part and the main objective of the thesis is to analyze a real company in terms of IT and cyber security with an emphasis on finding weak points with providing concrete steps for implementation. The method of the practical part consisted in conducting a series of interviews with the company's employees, especially with the employees of the IT department, in order to obtain relevant information needed to know the current state of the company's IT security and then to perform the analysis.