Join us today for a spirited debate on phishing training!

Infosec_Sam

Are phishing simulations pentesting for humans or training? What’s more effective with those folks who can’t stop themselves from clicking on everything: “name and shame” or a private, personal coaching session? We’ve seen it all: organizations that have terminated internet access (or even employees) and employers that take an educational approach to phishing. What’s your opinion? How do you deal with phishing repeat offenders? Does the term “repeat offender” offend you? Or are you frustrated your employer hasn’t fired more people for clicking even after numerous training sessions?

Join us and the Spiceworks IT community at 11 a.m. CDT today to discuss:

• Is it ever a good idea to terminate habitual clickers?
• How to protect your org from click-happy employees
• Training techniques and escalation methods

In this Video Meet Up, we will be responding to your comments and questions in real time, so bring your issues and opinions for commentary from our panel.

Sign up here »

Fulcrum45

I've always seen people as the weakest (and strongest) link to security in general. I wont pretend to know the HR ramifications of dealing with a click-happy user but in my experience they always seem to come with high ranking job titles. I've dealt with habitual **** surfers at previous jobs with whom the company would look the other way simply because they were too important. Because they deemed the issue "delicate" I would try to automate the process a bit so I couldn't be blamed being an overzealous IT guy. In this case I would log the traffic and made sure a automated report was sent to the VP every day. 

Infosec_Sam

In case anyone is interested in checking this out after the fact, here's the link to the recording! I thought there were some great points brought up by both parties, and it was pretty entertaining too, which is a plus! Check it out if you like, and let me know what you thought!

Watch here »