this post was submitted on 15 Aug 2025
102 points (98.1% liked)

Cybersecurity - Memes

3378 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 2 years ago
MODERATORS
Sam1232188@lemmy.world
neurohost@lemmy.world
Alphadef@programming.dev
CannaVet@lemmy.world
102
It'S iMpoRtAnt tO Us (lemmy.world)
submitted 4 weeks ago by TehBamski@lemmy.world to c/cybersecuritymemes@lemmy.world
6 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[โ€“] koper@feddit.nl 5 points 4 weeks ago (1 children)

Awareness training is often a red herring to blame systemic failures on individual employees. No matter how much training you give, people are still going to click those phishing links. That's because phishing emails are often indistinguishable from real emails and clicking links is a regular part of their job.

It is much more effective to use technical controls. Prevent phishing emails from ever landing in the inbox. Give employees the proper tools and disable footguns. Have a procedure for when an employee inevitably does get phished.

[โ€“] henfredemars@infosec.pub 2 points 2 weeks ago

Our lame IA training is the same tier as the sexual harassment training -- a deflection of responsibility, so that when something happens, the company can wash their hands of it and fire everyone involved.