Download presentation
Presentation is loading. Please wait.
Published byJasmin Stevenson Modified over 9 years ago
1
Creating a No Phishing Zone Group Discussion Written Project Russell Eubanks & Tsega Thompson SANS Technology Institute- Candidate for Master of Science Degree
2
Overview Phishing vs. Spear Phishing Purpose of Training Program ◦ Pre Assessment User Awareness Mandatory Webinar ◦ Post Assessment Evaluation Series of simulated phishing attacks Mandatory Quiz SANS Technology Institute- Candidate for Master of Science Degree
3
Testing Simulated Phishing Tests ◦ Email with link to update employee profile. ◦ Email with compensation report attached. ◦ Email with subject “Top Secret”. ◦ Email suggesting organizational changes. ◦ Email urging staff members to submit a fortune. Mandatory Employee Quiz ◦ Present phishing attacks and non-attacks to see if employees can identify each. SANS Technology Institute- Candidate for Master of Science Degree
4
Program Implementation Four week program ◦ Days 1-3: Mandatory Webinar ◦ Days 4-18: Simulated Phishing Tests ◦ Days 6-23: Data Collection & Analysis ◦ Day 24: Mandatory Quiz / Reinforcement Day ◦ Day 25-26: Putting it all together ◦ Day 26: Report Card Day SANS Technology Institute- Candidate for Master of Science Degree
5
Measuring Success At each level of the program fewer employees will be vulnerable to phishing attacks. Track employees who respond to attacks. Results will be populated in a table for further analysis. Progress will be measured. SANS Technology Institute- Candidate for Master of Science Degree
6
Example
7
Summary Social engineering attacks are geared towards exploiting employees. Our best defense is to arm them with the knowledge needed to recognize and report these attacks. SANS Technology Institute- Candidate for Master of Science Degree
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.