What is the risk posed by social engineering to a network?

What will be an ideal response?

Social engineering is the practice of exploiting the human element in an organization to compromise computing resources.This often involves pretending to be someone the attacker is not to gain missing information.A common technique is masquerading as tech support to get passwords and then masquerading as the person who was exploited to access resources.The goal of this is escalating privilege beyond what they could access without the user information.With this technique, attackers have been able to get access to proprietary information such as customer information and source code, which can then be sold or ransomed.Getting enough user information to access a network as a legitimate user typically bypasses the security that is in place to prevent attack because the network is configured to allow normal use of the computer on the network and most of the focus for security is on attacks from outside the organization.