My company (~200 end points) gets phishing attempts all day everyday, as I’m sure most do. I feel like we could be more proactive and have employees do a short phishing and safe browsing training as part of their on boarding. The average employee is clever enough, but we do have people here and there opening up every sketchy link and even had a person fall for a gift card scam (they got an email from the “CEO” asking to be discreet and go buy $500 iTunes gift cards and were ready to go to BestBuy to get them).
I’ve done a couple of these little phishing quizzes myself like the one Google/gmail has, but I’m wondering if there’s something that would be easier to deploy at a small company. We don’t really use any online training platforms for anything, so there’s no training modules we could add on. We could just send out the link to the Google/whatever free training and have people send a screenshot of completion back, but I’m wondering if there’s some kind of platform that would be better to roll out at a small company? We do have the ability to send out surveys/quizzes via our payroll platform, so perhaps we could create our own little training via that. Or maybe I’m just looking at this wrong and phishing training wouldn’t help at all.
Thanks for your input!
(I’m not an IT or cyber security professional, just an Operations guy.)