October marks the observance of Cybersecurity Awareness Month, a pivotal time for businesses and individuals to bolster their understanding and actions towards cybersecurity. This means it is time for you to put action to words and get your staff trained up on the cyber threats they face. Cyber Literacy is a critical skill for the 21st century. Are you doing your part to educate your employees on the threats they face and how to avoid them?
Attack-based phish testing creates fear, anxiety, and doubt in end users. It does not create awareness, harms IT, and misinforms management. Despite representing a billion dollar industry, traditional attack-based phish testing is fundamentally flawed. It causes untold problems for IT departments, individual users, and Managed Service Providers. Studies have shown it can even lead to more clicks by end users! This article outlines the fundamental flaws in attack-based phishing. It goes on to outline improvements from educational, positive outcome phish testing assignments that teach users how to finally spot every phishing attack and delete or avoid it.