Dark Reading's Security Views Weblog

Phishing Your Users for Better Security


Posted by Gadi Evron, Oct 12, 2009 09:00 AM

A couple of years ago, William Pelgrin taught users about phishing...by phishing them. In doing so, the director of the New York State Office of Cyber Security and Critical Infrastructure Coordination created an awareness program that (for the most part) worked.

By sending fake phishing email messages to his own users, Pelgrin was able to measure the risk of a targeted spear phishing attack against his organization. He then spoke to those users who fell for the phishing.

Pelgrin then repeated the experiment, showing a significant decrease in the susceptibility of his users.

In the end, some users were simply unable to learn, but not many.

Interestingly, the experiment was conducted on a continuing basis, with human psychology in mind.

"This is not a one-shot deal," Pelgrin says in the article mentioned above. "I've got to reinforce that behavioral change to make it permanent."

I tell people in the industry about this experiment as much as I can; two years later I am still very excited about it. User education is one of the biggest problems facing a security program, and when one proves to be so highly successful, it needs to be copied and reimplemented as much as possible.

If you are successful with it, then please let me know how it worked out for you.

Follow Gadi Evron on Twitter: http://twitter.com/gadievron

Gadi Evron is an independent security strategist based in Israel. Special to Dark Reading.
