1 / 7

Creating a No Phishing Zone

Creating a No Phishing Zone. Group Discussion Written Project Russell Eubanks & Tsega Thompson. Overview. Phishing vs. Spear Phishing Purpose of Training Program Pre Assessment User Awareness Mandatory Webinar Post Assessment Evaluation Series of simulated phishing attacks

vanya
Download Presentation

Creating a No Phishing Zone

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Creating a No Phishing Zone Group Discussion Written Project Russell Eubanks & Tsega Thompson SANS Technology Institute- Candidate for Master of Science Degree

  2. Overview • Phishing vs. Spear Phishing • Purpose of Training Program • Pre Assessment User Awareness • Mandatory Webinar • Post Assessment Evaluation • Series of simulated phishing attacks • Mandatory Quiz SANS Technology Institute- Candidate for Master of Science Degree

  3. Testing • Simulated Phishing Tests • Email with link to update employee profile. • Email with compensation report attached. • Email with subject “Top Secret”. • Email suggesting organizational changes. • Email urging staff members to submit a fortune. • Mandatory Employee Quiz • Present phishing attacks and non-attacks to see if employees can identify each. SANS Technology Institute- Candidate for Master of Science Degree

  4. Program Implementation • Four week program • Days 1-3: Mandatory Webinar • Days 4-18: Simulated Phishing Tests • Days 6-23: Data Collection & Analysis • Day 24: Mandatory Quiz / Reinforcement Day • Day 25-26: Putting it all together • Day 26: Report Card Day SANS Technology Institute- Candidate for Master of Science Degree

  5. Measuring Success At each level of the program fewer employees will be vulnerable to phishing attacks. Track employees who respond to attacks. Results will be populated in a table for further analysis. Progress will be measured. SANS Technology Institute- Candidate for Master of Science Degree

  6. Example SANS Technology Institute- Candidate for Master of Science Degree

  7. Summary Social engineering attacks are geared towards exploiting employees. Our best defense is to arm them with the knowledge needed to recognize and report these attacks. SANS Technology Institute- Candidate for Master of Science Degree

More Related