this post was submitted on 21 Oct 2025
168 points (97.7% liked)

Cybersecurity - Memes

3527 readers
14 users here now

Only the hottest memes in Cybersecurity

founded 2 years ago
MODERATORS
Sam1232188@lemmy.world
neurohost@lemmy.world
Sam1232188@lemmy.fmhy.ml
Alphadef@programming.dev
CannaVet@lemmy.world
168
Security awareness (infosec.pub)
submitted 2 weeks ago by cron@feddit.org to c/cybersecuritymemes@lemmy.world
23 comments fedilink hide all child comments
 

Sometimes I wonder whether all this "security awareness training" has any effect at all.

you are viewing a single comment's thread
view the rest of the comments
[–] nymnympseudonym@piefed.social 2 points 2 weeks ago (1 children)

You say that but do you have any objective data?

I'd love to see studies of phishing success in orgs that do vs. do not have regular trainings.

I bet it works like PSA advertising. It's stuff everyone should know and 98% of people already do. But it also helps keep the issues closer to conscious awareness and is actually educational for the 2%

[–] cron@feddit.org 6 points 2 weeks ago (1 children)

There is a 2025 study that was widely reported:

In summary, our results confirm the ineffectiveness of current phishing training approaches while offering a refined study design for future work.

arXiv:2506.19899

[–] nymnympseudonym@piefed.social 2 points 2 weeks ago

training interventions showed no significant main effects on click rates (p=0.450) or reporting rates (p=0.417), with negligible effect sizes

Thank you. I stand corrected, and with my Bayesian priors updated.