How do others conduct phishing tests? Do you punish employees when they fail? https://www.scmagazine.com/home/security-news/phishing/insensitive-phishing-test-stirs-debate-over-ethics-of-security-training/
I think this fits compliance standards and what many do… but how do we feel about the effectiveness? 🤔 With this style, do we see fewer ‘fails’ over time or just new employees getting trained?