u/Training_Leave_5433

Has anyone tried AI for phishing simulations?

People at the org have basically figured out our simulation emails and before you say that is a good thing they are not security aware, they just know what our test emails look like. Saw some platforms that use AI to adapt to each person with different styles, timing, channels etc. Sound interesting. Anyone tried something along the line? Please give your "whys" with the recommendations Thank you.

reddit.com
u/Training_Leave_5433 — 7 days ago

What is the biggest challenge your company faces when it comes to employee cybersecurity awareness?

What is the hardest part of building a security conscious culture within an organization today?

reddit.com
u/Training_Leave_5433 — 21 days ago

We are experimenting with risk based security awareness, looking for feedback.

Maybe this is a terrible idea but we stopped assuming every employee needs the same amount of security awareness training. We have started identifying who creates the majority of human risk and focused most of our remediation effort there, the nice thing is our training content is short enough that personalizing remediation to specific individuals is easier than pushing the same content to everyone. We are still figuring out what the human risk should even mean though. For anyone experimented with some different metrics/risk scoring or risk based awareness what we are missing, what we should look at or explore metric wise? Something you experimented with that were useful ( include more knowledge than I questioned)

Thank you:)).

reddit.com
u/Training_Leave_5433 — 1 month ago