There are three executive perspectives on using phishing tests – all based on their understanding of culture and/or economics.
Here are the different perspectives:
1. Let’s aim to REDUCE click rates
Trying to REDUCE click rates assumes a consistent, repeatable process, with controllable variables, which is rarely the case.
2. Let’s aim to USE live tests as an occasional DEMONSTRATION
Using live tests as a way of DEMONSTRATING vulnerability, and motivating staff to be alert is powerful, as long as it is done fairly.
3. Let’s NOT use live phishing tests
The decision not to use live tests is often based on observed failures from poorly run tests that caused unexpected damage.
It is important to understand the executives’ perspectives and to educate them on the cultural and economic factors involved.
Photo by Sebastian Herrmann on Unsplash
For just $325 USD, you can run a 6 week, automated program for gamified phishing awareness training and challenges. (Limited time offer. Normally valued at $999 USD)
Use Promo Code: 6WEEKS
Scott Wright is CEO of Click Armor, the gamified simulation platform that helps businesses avoid breaches by engaging employees to improve their proficiency in making decisions for cyber security risk and corporate compliance. He has over 20 years of cyber security coaching experience and was creator of the Honey Stick Project for Smartphones as a demonstration in measuring human vulnerabilities.