Does your organization conduct regular phishing simulations for internal team members?

2.2k views5 Comments

Sort by:

Director of IT in Software4 years ago

We perform phishing tests and whoever fails it is send back to the security awareness training :)

VP, Technology Manager in Education4 years ago

We run regular campaigns with an external partner several times a year. At the end of every year we send recognition to everyone who was successful in flagging all campaigns as phishing.

CIO in Manufacturing4 years ago

We run phishing simulations monthly, but for certain groups, not for everyone. We also do it based on seasonality, like tax season and the holiday season. We may do more targeted types of awareness training based on that.

Member Board of Directors in Finance (non-banking)4 years ago

At the companies where I was a board member and part of the cyber or risk committee, we did phishing simulations every quarter, and in fact board members were included in some of them. It was fun and they did fall prey to the simulation.

CIO in Software4 years ago

We do regular phishing simulations. It generally follows the training.

Content you might like

What is a "must have" meeting for you or your team? If you can please share why/what makes it so great - topic, frequency, etc. - I'm looking to brainstorm some fresh opportunities for my group.

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

What's your experience with SAP ERP on Prem security testing? What kind of engagement did you choose for your SAP landscape—was it a deep-dive technical System Audit, a full-scope Red Team scenario, or something in between? What was the 'why' behind your decision, and what were your key takeaways?

Do you believe your reputation as an IT leader is more aligned with being a "no" person or a "yes" person?

"No" person31%

"Yes" person60%

Can't say, but now I'm curious9%

View Results

Have you found that using external red teamers is more effective than using an internal red team?

Much more effective12%

Somewhat more effective43%

Equally as effective32%

Somewhat less effective10%

Much less effective

View Results

Does your organization conduct regular phishing simulations for internal team members?

Sort by:

Content you might like

What is a "must have" meeting for you or your team? If you can please share why/what makes it so great - topic, frequency, etc. - I'm looking to brainstorm some fresh opportunities for my group.

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

What's your experience with SAP ERP on Prem security testing? What kind of engagement did you choose for your SAP landscape—was it a deep-dive technical System Audit, a full-scope Red Team scenario, or something in between? What was the 'why' behind your decision, and what were your key takeaways?

Do you believe your reputation as an IT leader is more aligned with being a "no" person or a "yes" person?

Have you found that using external red teamers is more effective than using an internal red team?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go