[vlog] Problems Phishing

Many organisations consider performing phishing tests against their own staff; whilst this can be a great way to determine your risk exposure and to determine the effectiveness of security awareness training, it can actually introduce problems into your security strategy too. In this episode I talk about a few common issues with company phishing campaigns: 1. Vanity Metrics – where company perform biased testing (unintentionally or otherwise) which cause a positive shift in their metrics but not necessarily the same positive shift in their security. 2. Repetitive Scenarios – there’s a lot of different scenarios a phisher could try, if …

Read More