In an attempt to stop phishing attacks, an increasing number of organisations run Simulated Phishing Campaigns to train their staff not to click on suspicious links. Organisations can buy toolkits and run their own campaigns, or hire a specialist company to provide such campaigns as a service.
To what extent this activity reduces the vulnerability of an organisation to such attacks is debated in both the research and practitioner communities, but an increasing number of organisations do it because it seems common practice, and are convinced by vendors’ claims about the reduction in clickrates that can be achieved. But does reducing clickrates for simulated phishing messages means simulated phishing campaigns are effective in reducing the risk? Furthermore, there are more or less security, legal, and trust issues depending on the way the campaign is implemented.
Thus, there are more effective security measures with less negative side-effects than simulated phishing campaigns. In particular, it is important to first improve the technical security measures and establish adequate security incident reporting before running intensive security awareness measures.
The webinar will include live interpretation services in three languages (English, Spanish and Portuguese), thanks to our collaboration with RedCLARA, the Latin American space for collaboration and development in education, science and innovation.
About the speaker
Prof. Dr. Melanie Volkamer is a full professor at KIT in the Department of Economics and Management. She leads the SECUSO research group. From 2016 to 2018 she was a Professor (Kooperationsprofessur) at the Department of Computer Science of Technische Universität Darmstadt Germany). From 2015 to 2018, she was appointed Full Professor for Usable Privacy and Security at Karlstad University (Sweden) and has also been an Assistant Professor at TU Darmstadt. Prof. Volkamer has been heading the research group “SECUSO – Security, Usability and Society” since 2011.
Also this year GÉANT joins the European Cyber Security Month, with the campaign 'A Community of Cyber Heroes'. Read articles from cyber security experts within our community and download resources from our awareness package on dev.connect.geant.org/csm2022