What are you using for phishing simulations / training? What's great and what's currently lacking?

Security Strategy & Roadmap Security & GRC Strategy & Architecture

5k views116 Upvotes8 Comments

IT Cyber Security and Compliance in Healthcare and Biotech, 1,001 - 5,000 employees

another good one is Lucy Security

Assistant Marketing Manager in Software, 11 - 50 employees

KnowBe4, they have great products just for that.

T&T Specialist in Manufacturing, 5,001 - 10,000 employees

Knowbe4

Senior Product Marketing Manager in Software, 501 - 1,000 employees

We have a mandatory cybersecurity training module done by all employees every year.
In addition our infosec department sends faux "suspicious" emails through the year and expects employees to handle them correctly.

Store Manager in Retail, 10,001+ employees

Phishing simulations and training tools like KnowBe4, Pand Wombat S

ecurity can help organizations improve employee awareness and reduce the risk of successful phishing attacks.

It is advisable to use them alongside other security measures for optimal protection.

IT Manager in Miscellaneous, 51 - 200 employees

We are currently using Infosec IQ for phishing and security awareness. I love that it’s ready to use out of the box with lots of options. I haven’t run into anything lacking yet but we have only been using it since December.

Information Security Manager in Healthcare and Biotech, 201 - 500 employees

We are using the proofpoint solution

Cybersecurity Engineer in Manufacturing, 10,001+ employees

Proofpoint Security Awareness Training

Content you might like

Which of the following benefits do you believe controls mapping provides? (Select all that apply)

Security & GRC

Improved regulatory compliance41%

Reduced risk of errors and omissions61%

Better understanding of control effectiveness67%

Improved internal reporting and auditing34%

More efficient resource allocation8%

141 PARTICIPANTS

1.8k views1 Upvote

How are companies planning to change manage the roll-out of Data Loss Prevention (DLP)? We have programme of work to roll this out and would be interested in getting feedback on how other companies have successfully rolled it out, and any lessons learnt that they are happy to share.

Security & GRC

IT Manager in Transportation, 10,001+ employees

Always remember about Risk Assessment. Conduct a thorough risk assessment to identify potential data loss risks and vulnerabilities. Use this assessment to prioritize DLP efforts.

Where does the concept of Defense in Depth play into your org’s cybersecurity strategy? What are you doing practically to integrate that?

Security & GRC Security Strategy & Roadmap Risk Management +1 more

Director of IT in Education, 5,001 - 10,000 employees

This question requires a long explanation, but in a nutshell, implemented in the Risk Management Framework (NIST RMF). It is a layered protection in every step of the RMF.

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented

Disruptive & Emerging Technologies Data & Analytics People & Leadership +1 more

Principal in Finance (non-banking), Self-employed

Almost too many to list. I believe original content — written, photos, and videos — are all but certain to become widely synthetic. Perhaps people will do some humanizing of the content but most of it will be artificially ...read more

Generally speaking, are you feeling optimistic about the state of DEI in cyber? Interested in hearing your reasons in the comments.

Security & GRC Talent Sourcing & Hiring Culture & Values

Yes – very optimistic!32%

Yes – mildly optimistic.55%

No6%

I’m not sure6%

259 PARTICIPANTS

2.9k views1 Upvote