Anti-phishing training programs are designed to help identify and reduce employee susceptibility to phishing attacks. They have been shown to reduce successful phishing attacks and malware infections by up to 90%.
The Cyber Security Unit (CSU) has established a suite of vendor provided Phishing simulation and user awareness training resources delivered by Proofpoint, Inc.
Phishing simulation and user awareness training is underpinned by a proven four-step approach.
- Assess—the ThreatSim® Phishing Simulation platform enables agencies to assess how susceptible their employees are to phishing and spear phishing attacks. End users who fall victim to simulated attacks are automatically presented with ‘just-in-time’ anti-phishing training and guidance which identifies the warning signs that should have been picked up by the user and offers tips to help avoid future threats.
- Educate—security awareness training programs include targeted anti-phishing training as well as organisation-wide education. Phishing attack training approach and interactive training modules enable agencies to deliver effective cybersecurity education in a flexible, on-demand format that minimises disruption to daily work routines.
- Reinforce—reinforcing best practices is critical to improving information retention. The PhishAlarm® email reporting tool enables employees to report a suspicious phishing email with a mouse-click and the email prioritisation tool helps maximise the capabilities of PhishAlarm® and streamlines response and remediation efforts on reported emails.
- Measure and analyse results—tracking and analysis features deliver a range of reports that provide granular insights into the results of anti-phishing campaigns and training programs. Analysis tools help to shape simulated phishing campaigns and identify users who are likely to benefit from additional education.