Educause Security Discussion mailing list archives
Re: Repeat offenders during phishing campaign
From: "Barton, Robert W." <bartonrt () LEWISU EDU>
Date: Tue, 21 Mar 2017 16:42:26 +0000
1. Yes. 2. Between carrot & stick, stick causes moral issues. 3. Have they attended the phishing training? It is still a stick to make them attend, but it is a minor stick. Thank of it as reinforcement. 4. Have you offered rewards for people that are doing well, and announced them? I went with secure USB drives. - https://info.wombatsecurity.com/blog/reinforcement-a-key-to-knowledge-retention-risk-reduction 5. Here is one that does recommend negative reinforcement post-positive reinforcement. - https://knowbe4.zendesk.com/hc/en-us/articles/226938287-How-do-I-Handle-my-Clickers-or-Vulnerable-Employees- Robert W. Barton Director of Information Security Lewis University One University Parkway Romeoville, IL 60446-2200 815-836-5663 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Rob Milman Sent: Tuesday, March 21, 2017 11:30 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Repeat offenders during phishing campaign Hi everyone, We have been running a phishing campaign since last fall. There have been a small number of repeat offenders, which our vendor has identified as high-risk individuals. Have any of you dealt with this situation and developed a process that you'd like to share? Thanks, Rob [cid:image004.png@01D18F19.9217E950] Rob Milman Security & Compliance Analyst Information Systems Southern Alberta Institute of Technology EH Crandell Building, GA 214 1301 - 16 Avenue NW, Calgary AB, T2M 0L4 (Office) 403.774.5401 (Cell) 403.606.3173 rob.milman () sait ca<mailto:rob.milman () sait ca> This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone at (815)-836-5950 and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.
Current thread:
- Repeat offenders during phishing campaign Rob Milman (Mar 21)
- Re: Repeat offenders during phishing campaign Barton, Robert W. (Mar 21)
- Re: Repeat offenders during phishing campaign Greg Williams (Mar 21)
- Re: Repeat offenders during phishing campaign McCrary, Barbara (Mar 21)
- Re: Repeat offenders during phishing campaign Ben Woelk (Mar 21)
- Re: Repeat offenders during phishing campaign Rob Milman (Mar 21)
- Re: Repeat offenders during phishing campaign James Valente (Mar 21)
- Re: Repeat offenders during phishing campaign Frank Barton (Mar 21)
- Re: Repeat offenders during phishing campaign James Valente (Mar 21)
- Re: Repeat offenders during phishing campaign Urrea, Nick (Mar 21)
- Re: Repeat offenders during phishing campaign Steven Alexander (Mar 21)
- Re: Repeat offenders during phishing campaign Brad Judy (Mar 21)
- Re: Repeat offenders during phishing campaign Rob Milman (Mar 21)