There is a wide array of players in the phishing awareness training market, which can make it difficult to choose the right training partner for your organisation. It’s important to do your research and ensure your chosen training provider is proven, reliable and delivers results that lead to sustained changes in user behaviour over time.
Many training providers offer a product that sends a fake (and harmless) phishing email to staff in your organisation, with the aim of exposing those users that were duped by the mock phishing attack. While this might get people talking, this approach can embarrass users and cause them to disengage in future education efforts – potentially exposing your organisation to more risk at a later date.
So, how do you select a training provider that has the technical nous and interpersonal awareness to take your employees on a phishing education journey that really works? This guide outlines five important traits to consider in choosing a training partner to ensure that your organisation gets the best outcome in protecting against cyber attacks.