Ransomware Simulation: A Study in Augmenting Corporate Phishing Program
Many organizations globally are implementing corporate phishing programs as a way of educating employees around the typical risks of phishing attacks. While some companies have seen reductions in risky behaviour, it's been shown that the attention given to, and therefore effectiveness of, point of failure training can be lacklustre given competing workplace priorities. Employees simply don't want to read more security awareness material, or sit through security training videos. Debbie and Adam chose to investigate whether augmenting Australia Post's current corporate phishing program with a ransomware simulation would not only increase participant attention, but also induce a mild stress response, which has been shown to improve learning when presented in the correct context. Debbie and Adam will discuss the development of adding a modified ransomware element to their phishing program, their findings, and potential learnings for future security education and awareness programs
Speaker: Debbie Fuzy and Adam Janik from Australia Post
AISA members: Please sign in to register for this event.
If you would like to become a member you can join here.
Many thanks to our Sponsors
AISA thanks Gemalto for their sponsorship of this meeting.
AISA also thanks PWC for sponsoring the venue for this meeting.