One of the ways that companies have tried to improve education and awareness about the risks of phishing is the use of phishing tests to see if unsuspecting colleagues click on the link or open the suspect attachment in a controlled environment. If they do, some instant education comes their way. There are those who think that this approach keeps the topic at the front of everyone’s mind, and there are those who think that it can have the effect of chilling the relationship between IT/Security and the rest of the organisation. There are a lot of variables in the equation, like how you respond when someone clicks on the phish, how you encourage reporting of potential phishing and more, so the answer is a resounding “it depends.”
We also cover some of the increased security challenges that come with the now more common “working remotely,” and what happens when you walk into an empty castle after having gotten past the moat and door, but there is no one inside to defend it.
Links:
- What Is DFMEA?
- Process FMEA | Process Failure Mode & Effects Analysis | Quality-One
- How to Overcome Obstacles by Using Toyota’s Five Whys Technique | Sam Thomas Davies
- Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon: Zetter, Kim: 9780770436193: Amazon.com: Books
- The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age: Sanger, David E.: 9780451497895: Amazon.com: Books
- BeyondCorp – Enterprise Security | Google Cloud
- The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win: Kim, Gene, Behr, Kevin, Spafford, George: 8601404253799: Amazon.com: Books
- The Perfect Weapon – Watch the HBO Original Documentary | HBO
- Homeland: Seasons, Episodes, Cast, Characters – Official Series Site | SHOWTIME