Tips for Ongoing Best Practice
Review trends and threats regularly. What are the phishing scams being received at your organization or by others in your industry? Learn from these and hone your phishing strategy.
Training should be a constant conversation to keep security at the forefront. Follow up phishing with targeted responsive training. Provide annual training on basic information security tenants. Ensure role-based training is provided and includes important processes like incident response, and so on.
Monitor behavior change. Is there more reporting of phishing emails through Phishhuk? Are vulnerabilities reported more often? Consider rewarding and recognizing positive behavior. Likewise, correct and encourage action for negative behavior with additional training and real-time communications. Based on behavioral changes, adjust your learning ladder and learning goals.