-
Phishing Training Still Isn’t Working, So Why Are We Still Paying for It?
After spending years in cybersecurity education, I’ve seen the same claims about phishing awareness training repeated like gospel: “Users are the Human Firewall,” “Training reduces risk,” “Engaged employees are your first line of defense,” “Interactive learning drives change…” but does it? We just finished the largest known enterprise-scale field trial assessing phishing training effectiveness using…
-
-
Notes on Panel Discussion – Security Awareness Strategies and the Rise of AI-Driven Threats
SUMMARY: This panel discussion focused on innovative security awareness programs, gamification strategies, phishing simulations, and challenges posed by generative AI in cybersecurity. Participants included security leaders from various industries, discussing practical approaches to engaging employees and adapting to emerging threats, such as deepfakes and AI-assisted attacks. OUTLINE: IDEAS: QUOTES: RECOMMENDATIONS: ONE SENTENCE SUMMARY: Security awareness…