Anti-Phishing Training

Training courses have evolved from traditional–read material, take an assessment—courses where the participant realizes and is conscious that they are being trained to simulations that may not inform the user ahead of time that the material they are reviewing (a phishing email attempt for example) is not real and was sent to them by their organization or on behalf of their organization. Review the use of Anti-Phishing training tools as a training aid by reading the Carnegie Mellon study: http://www.cs.cmu.edu/~jasonh/publications/soups2009-school-of-phish-final.pdf Also, read the CSO article from the following link: http://www.csoonline.com/article/3066532/techology-business/10-companies-that-can-help-you-fight-phishing.html Write a report and Your paper should include the following information: – One paragraph introduction to the tools and explain why they are being used. – A discussion of the following two questions: 1.Are there ethical boundaries that might be crossed by attempting to ‘trick’ employees to take the bait and open a phishing email? 2. Are there any negative consequences that organizations should consider of circulating phishing emails to test employees, and if so, what can the organizations do to reduce these effects? – Give a high level overview of a user training program that could be used to handle training a small staff. It should include: 1.Overview of the training 2.Purpose of the training 3. Time needed for the training 4.Type of training 5. Assessment of the training