Building a Security Awareness Program: Phishing Simulations

Learn how to run phishing tests to build security awareness among your employees.

Security awareness training is essential for any enterprise. But how do you keep employees alert to ever-evolving threats like phishing? In this course, Lauren Zink explores one popular method of raising security awareness: conducting phishing simulations. Whether you have a training program in place or you are trying to start one, this course provides guidance on building tests that can help employees understand the social engineering techniques that hackers use to get them to reveal credentials and proprietary data. Learn how to test your employees by writing realistic phishing emails and use metrics and feedback from the test to grow the program. Lauren explains exactly how to plan, execute, and conclude your test and how to make it a beneficial learning experience for you and your employees.

Introduction

• Build security awareness with phishing tests
• What is phishing?

1. Benefits of Phishing Tests

• Employee learning outcomes
• Company benefits

2. Setting Up a Phishing Test

• Determine the audience
• Come up with a topic
• What teams need to be involved?

3. Designing a Phishing Test

• Develop in house or use third party
• Fake email development
• Educational piece development

4. Running the Test

• Determine go-live and team support needs
• Alert necessary parties
• Potential employee responses

5. Results

• Metrics that can be tracked
• Demonstrate cost avoidance
• Follow-up communication and education

Conclusion

• Next steps