If a single click on a phishing email can ruin the entire company, the blame doesn’t lie with that individual.

  • Graz@feddit.de
    link
    fedilink
    arrow-up
    30
    ·
    4 months ago

    We have test-phishing mails sent by our IT-Sec team on a regular basis. There’s usually an obvious one and a better made one. First round 10% clicked the obv. one, 99% the good one.

    We had a lot of trainings after that.

    Last year the numbers went down to 5% and 80%.

    If your security concept relies on both of these numbers being zero, you’re an incompetent hack trying to shift the blame on end users instead of doing your job.

    • cron@feddit.orgOP
      link
      fedilink
      arrow-up
      13
      ·
      4 months ago

      Thank you, that was my point! Shifting the blame on the user doesn’t help anyone.