
10 Steps to Creating a Corporate Phishing Awareness Program

1,419 views

Malicious emails can come at any time. Learn how to protect yourself and your company by creating a corporate phishing awareness program.

Published in: Technology
  1. 10 STEPS to Creating a Corporate Phishing Awareness Program
  2. Phishing awareness programs help enterprises protect themselves from phishing scams and breaches. It’s a highly effective way of educating employees and helping them spot phishing attacks.
  3. The ins and outs of such a program depend very much on the company, but here’s a basic outline of a typical program to give you an idea of what’s involved.
  4. Write a phishing e-mail that is realistic, current, and relevant and isn’t psychologically damaging to your staff
  5. Run that e-mail through the appropriate departments (such as HR and legal) to get approval, which will likely involve edits and new iterations
  6. Ensure your lists are updated—adding new hires and removing those who have left the company
  7. Prepare a proper educational landing page for people who click on the phish
  8. Load the system you will use with the e-mail lists, phishing e-mail, and landing pages
  9. Schedule and test the sending of the e-mail
  10. Ensure the e-mail is sent without any problems
  11. Collect all data, which might include number of clicks, number of people who report the phish, and so on
  12. Report on the data, giving information in regard to positive or negative trends
  13. Repeat the process each month or quarter
  14. As you can see, this is not a part-time job. Maybe you can hire someone to help you run this program internally or you might have someone on staff that is perfect for the job. But if you don’t have the staff, skill, or desire to run a phishing program internally then a consultant will be able to run it for you.
  15. For more on setting up and running a corporate phishing program, check out PHISHING DARK WATERS: The Offensive and Defensive Sides of Malicious E-mails by Christopher Hadnagy and Michele Fincher
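
The "Collect all data" and "Report on the data" steps, worked through as an added example that is not part of the original slides. The event format, campaign names and recipients are constructed for illustration, and campaign names are assumed to sort chronologically.

```python
from collections import defaultdict

# Constructed sample events: (campaign, recipient, action). Not real data.
EVENTS = [
    ("2024-Q1", "ana", "sent"), ("2024-Q1", "ben", "sent"),
    ("2024-Q1", "cy", "sent"), ("2024-Q1", "dee", "sent"),
    ("2024-Q1", "ana", "clicked"), ("2024-Q1", "ana", "clicked"),  # repeat click
    ("2024-Q1", "ben", "clicked"), ("2024-Q1", "cy", "reported"),
    ("2024-Q1", "eve", "clicked"),  # not on the list (forwarded mail)
    ("2024-Q2", "ana", "sent"), ("2024-Q2", "ben", "sent"),
    ("2024-Q2", "cy", "sent"), ("2024-Q2", "dee", "sent"),
    ("2024-Q2", "ben", "clicked"), ("2024-Q2", "ben", "reported"),
    ("2024-Q2", "ana", "reported"), ("2024-Q2", "cy", "reported"),
]

def summarize(events):
    """Per-campaign unique click and report rates over listed recipients."""
    seen = defaultdict(lambda: defaultdict(set))
    for campaign, recipient, action in events:
        seen[campaign][action].add(recipient)  # sets collapse repeat events
    summary = {}
    for campaign in sorted(seen):
        sent = seen[campaign]["sent"]
        clicked = seen[campaign]["clicked"] & sent    # drop off-list recipients
        reported = seen[campaign]["reported"] & sent
        acted = seen[campaign]["clicked"] | seen[campaign]["reported"]
        summary[campaign] = {
            "sent": len(sent),
            "click_rate": len(clicked) / len(sent) if sent else 0.0,
            "report_rate": len(reported) / len(sent) if sent else 0.0,
            "off_list": len(acted - sent),  # a list-hygiene signal
        }
    return summary

def trends(summary):
    """Label each campaign-to-campaign change as positive, negative or flat."""
    def label(delta, good_when_down):
        if delta == 0:
            return "flat"
        return "positive" if (delta < 0) == good_when_down else "negative"
    names = list(summary)
    out = []
    for prev, cur in zip(names, names[1:]):
        dc = summary[cur]["click_rate"] - summary[prev]["click_rate"]
        dr = summary[cur]["report_rate"] - summary[prev]["report_rate"]
        out.append((prev, cur, label(dc, True), label(dr, False)))
    return out

if __name__ == "__main__":
    for row in trends(summarize(EVENTS)):
        print(row)
```

Rates are computed over unique listed recipients, so repeat clicks and forwarded copies do not inflate the numbers; a falling click rate and a rising report rate are both labelled positive.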
