Re: User awareness recognition programs

["Tevlin, Dave" <dtevlin () VISI ORG>]

You may want to check out the recent presentation from David Sherry and
Patricia Falcon at Brown that they gave at NERCOMP at the beginning of
April, called the Phish Bowl, where they set up a reporting and detection
mechanism for the campus.

http://www.educause.edu/nercomp-annual-conference/2015/phish-bowl-managing-phishing-frenzy-brown-university

Dave Tevlin, MS
Network/ Systems Administrator
Georgetown Visitation Prep School


On Mon, Apr 27, 2015 at 6:21 PM, Jim Cheetham <jim.cheetham () otago ac nz>
wrote:

> That sounds interesting to us, too.
>
> I've been trying to balance the issue of multiple reports for the same
> incident (each needing acknowledgement) against the desire to reward
> people for bothering to report or question them in the first place.
>
> I've been thinking of a system to allow people to report the email
> automatically, that will do some automated analysis (i.e. identify sources
> and URLs), and if there are sufficient trusted reports, might even take
> automatic action for us.
>
> So a slightly different focus, but probably still useable for your
> purposes. However at the moment I haven't found any products, and the
> alternative is to write it ourselves.
>
> -jim
>
> Excerpts from Ben Woelk's message of 2015-04-28 07:23:23 +1200:
> > I would be interested in hearing from anyone who has implemented a
> program that provides recognition/incentives for end users who successfully
> identify and report phishes, or display other "awareness" behaviors.
> > Ben Woelk '07 CISSP
> > ISO Program Manager
> > Information Security Office
> > Rochester Institute of Technology
> > ROS 10-A204
> > 151 Lomb Memorial Drive
> > Rochester, New York 14623
> > 585.475.4122
> > 585.475.7920 fax
> > ben.woelk () rit edu<mailto:ben.woelk () rit edu>
> > http://www.rit.edu/security/
> >
> > Become a fan of RIT Information Security at
> http://rit.facebook.com/RITInfosec<
> http://rit.facebook.com/profile.php?id=6017464645>
> > Follow us on Twitter: http://twitter.com/RIT_InfoSec
> >
> > CONFIDENTIALITY NOTE:  The information transmitted, including
> attachments, is intended only for the person(s) or entity to which it is
> addressed and may contain confidential and/or privileged material.  Any
> review, retransmission, dissemination or other use of, or taking of any
> action in reliance upon this information by persons or entities other than
> the intended recipient is prohibited.  If you received this in error,
> please contact the sender and destroy any copies of this information.
>
> --
> Jim Cheetham, Information Security, University of Otago, Dunedin, N.Z.
> ✉ jim.cheetham () otago ac nz    ☏ +64 3 470 4670    ☏ m +64 21 279 4670
> ⚷ OpenPGP: B50F BE3B D49B 3A8A 9CC3 8966 9374 82CD C982 0605