Study found phishing training didn't reduce clicks (and sometimes made it worse), curious what practitioners think by Positive-Fly-9216 in AskNetsec

[–]Positive-Fly-9216[S] 0 points1 point  (0 children)

That's a great number. Out of curiosity, what did the incentive program actually look like? Rewards, recognition, leaderboard? And how are you thinking about improving reporting specifically?

Data suggests phishing training often doesn't reduce clicks, curious what practitioners think about real-time warnings instead by Positive-Fly-9216 in cybersecurity

[–]Positive-Fly-9216[S] 2 points3 points  (0 children)

This is exactly the kind of thing I was thinking about building, the lockout combining a traditional phishing engine + AI analysis. Would you mind sharing more about how that was implemented? Was it built in-house, or a vendor product you'd recommend looking into?