Let’s punish phishing victims… er, you want to do what?!

Let’s punish phishing victims… er, you want to do what?!

There is a big, hairy elephant in the room when it comes to phishing: Many organisations believe that it’s okay, or right, or that they have no choice other than to punish people who repeatedly fail phishing simulations. Are they right? Before we answer that, let’s...