Abstract
Organizations don’t need to deploy phishing simulation programs in order to gain some foundational benefits from general awareness about phishing attacks that drive engagement and reporting from end users. Whether or not you take the giant leap to launch a “self-phishing” program, there are some common questions and basic steps that institutions should address first about current practices. Hear two higher ed community members share what they did before moving on to campus-wide phishing awareness and exercise campaigns.
Note: This is one of two phishing webinars developed by the HEISC Awareness and Training Working Group. Resources are now available from the Chapter 2 presentation held on February 21, 2018. HEISC Webinar: Chapter 2: Too Legit to Quit: How to Avoid Making Legitimate Campus Messages Look Phishy