Using various social-engineering techniques, criminals run havoc on the Internet and defraud many people in a number of different ways. This puts various organisational communities at risk. Therefore, it is important that people within such communities should learn how to protect themselves when active in cyberspace, or when dealing with cyber-related technologies. Training can indeed play a big role in this regard, and consequently, assist by altering the insecure behaviour of many people. The objective of this article is to ascertain whether simulating phishing attacks together with embedded training can contribute towards cultivating users’ resistance towards ‘phishing attacks’. In order to achieve this objective, a phishing exercise at an institution in South Africa was conducted.
Critical success factors for security education, training and awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
Cyber security has never been more important than it is today in an ever more connected and pervasive digital world....