Having recently submitted an article for EDPACS on social engineering myself, I was interested to read a similar piece by Dan Timko in the latest ISSA Journal. Dan explores the psychological/human factors that make social engineering such a significant threat. His description of the controls is a bit light but covers the basics - policies and awareness, coupled with suitable technical controls where possible. Well worth a read.
The ISSA Journal is just one of the benefits enjoyed by ISSA members. The Information Systems Security Association is primarily an international social network that has brought information security professionals together at meetings for over 2 decades. Along with CISSPforum, ISSA neatly complements CISSP and similar qualifications, taking professional education well beyond the study guides, exam cramming and boot camps.