Do phishing tests do more harm than good? - Wolfgang Goerlich - ESW #376

Security Weekly Podcast Network (Video)

Security Weekly Productions and Security Weekly द्वारा प्रदान की गई सामग्री. एपिसोड, ग्राफिक्स और पॉडकास्ट विवरण सहित सभी पॉडकास्ट सामग्री Security Weekly Productions and Security Weekly या उनके पॉडकास्ट प्लेटफ़ॉर्म पार्टनर द्वारा सीधे अपलोड और प्रदान की जाती है। यदि आपको लगता है कि कोई आपकी अनुमति के बिना आपके कॉपीराइट किए गए कार्य का उपयोग कर रहा है, तो आप यहां बताई गई प्रक्रिया का पालन कर सकते हैं https://hi.player.fm/legal।

2M ago 34:21

MP4•एपिसोड होम

A month ago, my friend Wolfgang Goerlich posted a hot take on LinkedIn that is less and less of a hot take these days.

He posted, "our industry needs to kill the phish test",and I knew we needed to have a chat, ideally captured here on the podcast.

I've been on the fence when it comes to phishing simulation, partly because I used to phish people as a penetration tester. It always succeeded, and always would succeed, as long as it's part of someone's job to open emails and read them. Did that make phishing simulation a Sisyphean task? Was there any value in making some of the employees more 'phishing resistant'?

And who is in charge of these simulations? Who looks at a fake end-of-quarter bonus email and says, "yeah, that's cool, send that out."

Segment Resources:

Phishing in Organizations: Findings from a Large-Scale and Long-Term Study
The GoDaddy Phishing Awareness Test
The Chicago Tribune - How a Phishing Awareness Test Went Very Wrong
University of California Santa Cruz - This uni thought it would be a good idea to do a phishing test with a fake Ebola scare

Show Notes: https://securityweekly.com/esw-376

4301 एपिसोडस

#Tech #Tech News #Hacking #Hackingnews #Security #Securitynews #Security Weekly #News #Video #Security Weekly Productions #SecurityWeek