Guide:
Best Practices Phishing Simulations

Do’s and Don’ts for Sustainable Awareness Building in Organizations

In this guide you will learn how to successfully plan and implement phishing simulations in your organization.

Phishing simulations are a popular tool to increase employees’ cyber security awareness and to protect yourself and your organization from serious hacker attacks. There are, however, several pitfalls to consider and avoid, most importantly neglecting the learning aspect of the measure.

The white paper illustrates the positive effects phishing simulations might have when they follow the eight best practices listed below, which are based specifically on the users’ learning success.

Download the guide now and strengthen your human firewall

Contents

In the guide you will find answers to the following questions:

  • Why should you use phishing simulations to educate your team about cyber security?
  • Which methods have proven to be effective in phishing simulations?
  • What role does data protection play?
  • Which learning effects can be expected?

The following best practices will be discussed in detail, taking into account scientific findings and experience from awareness-building measures:

  1. Technical preparation
  2. Announcement
  3. Anonymity and learning orientation
  4. Individualization
  5. Providing learning content
  6. Establishing a reporting chain
  7. Continuity and randomization
  8. Feedback to the participants

“Instead of classifying employees as a risk to an organization’s IT security, a phishing simulation should be driven by the opposite assumption: By being aware of security risks and by dealing with them adequately, humans can represent an additional, security-relevant barrier.”
