The research conducted for this project sought to understand the factors that impact the likelihood an individual will be victimized by a phishing attack. The research also sought to identify effective training approaches and technology available to supplement human defenses. Understanding these factors, training methods, and technology will allow organizations to strengthen their information security program. The research conducted confirmed that certain personality types and habits, such as gullibility, narcissism, psychopathy, and habitual email use, influence the likelihood an individual will fall victim to a phishing attack. Rule-based and mindfulness training, as well as communication tones, were examined and proved equally effective in supporting the detection of phishing emails. Technology also proved to be complementary to human defenses. Additional research is needed to determine how to leverage the personality trait learnings in a business setting.
Critical success factors for security education, training and awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
Cyber security has never been more important than it is today in an ever more connected and pervasive digital world....