cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Phishing - how to overcome it?

Hi All

 

https://crestresearch.ac.uk/resources/phishing-your-staff/

 

How about it, making it an internal game alongside education within organisations and awarding good behaviour or awarding near misses, saved by the employee?  But make sure that the employee is not the Insider Threat.

 

Regards

 

Caute_Cautim

1 Reply
dcontesti
Community Champion

At one place I worked there were two camps, one wanted to shame and publicize the culprits and the other that wanted to educate....(and in my opinion I reported to the worse)...the one that wanted to shame.

 

So the two groups argued extensively every time that a incident happened and fortunately (MHOO) we never shamed anyone.  This proved beneficial when a C-Suite executive opened the wrong file.....can you image shaming a Sr. Vice President (not sure I would still have a job after that).

 

Once we went through an M&A, the new organization decided to air on the educate side (thankfully).

 

This education included sending "internal phishing emails", tracking the culprits and then providing departmental education (so no one person was targeted but everyone knew that someone in the group had done something wrong).  We worked to change this so that Phishing became part of the ongoing Security Awareness training.

 

Probably an ongoing argument in many organizations.