Sometimes security awareness training is ineffective. Sometimes it's considered in poor taste.
For example, in a move that was criticized earlier this year, newspaper giant Tribune Publishing sent out a phishing simulation to staff. The "lure" was the promise of a bonus between $5,000 and $10,000. The email instructed employees to log in to "view your end of year bonuses." And when they did, they received a notification of enrollment in a computer security training program. However, the awareness campaign raised eyebrows because Tribune Publishing had recently laid off and furloughed many employees.
Perry Toone, founder of email service firm TheXYZ, says a similarly disastrous experiment with phishing employees led him to abandon the tactic.
"We created a fake phishing site and encouraged users to click a link in an email," he says. "When they did, we informed them that they had failed the phony phishing test. It turned out, this was not a good idea. Many people freaked out, thinking they have been hacked. Wouldn't do it again."
OK, so these are both examples of awareness training that fell flat. But what's working these days? The Edge reached out to several security leaders to hear about the new tactics they are employing to evangelize security in their organizations these days.
Joan Goodchild is a veteran journalist, editor, and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online. View Full Bio
1 of 10
Recommended Reading:
More Insights
"tactic" - Google News
November 12, 2020 at 02:33AM
https://ift.tt/3lozCya
9 New Tactics to Spread Security Awareness - Dark Reading
"tactic" - Google News
https://ift.tt/2NLbO9d
Shoes Man Tutorial
Pos News Update
Meme Update
Korean Entertainment News
Japan News Update
Bagikan Berita Ini
0 Response to "9 New Tactics to Spread Security Awareness - Dark Reading"
Post a Comment