Educause Security Discussion mailing list archives
Re: Phishing Simulation - Punitive Escalation
From: Frank Barton <bartonf () HUSSON EDU>
Date: Mon, 18 May 2020 12:24:37 -0400
Ken, what is your escalation for "frequent clickers" then? The question that we have been struggling with is "If the message isn't getting through, how do you get it through?" Frank On Mon, May 18, 2020 at 12:20 PM Ken Connelly <ken.connelly () uni edu> wrote:
I sold phishing education to our administration with the caveat that it would *never* be punitive. I think that's an important piece of our program. -ken On 5/18/20 9:51 AM, Gomez, Joshua wrote: Hello I wanted to ask what people are doing for a "path to escalation" for staff who repeatedly fail simulations or cause incidents? *For Example* First Failure -> Remedial Training Second Failure -> Remedial Training + Supervisor Notification Third Failure –> Remedial Training + Sit down with person and department head Etc. I’m just trying to get some ideas to bring to our Governance committee. We have not been trying to be punitive and haven’t needed to do much, but we are starting to see repeat offenders that need coaching for behavioral changes. Thanks in Advance, Josh *Joshua Gomez*| *Analyst, Information Security* Information Technology Solutions ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community -- - Ken ================================================================= Ken Connelly Director, Information Security Information Security Officer University of Northern Iowa email: Ken.Connelly () uni edu p: (319) 273-5850 f: (319) 273-3010 Any request to divulge your UNI password via e-mail is fraudulent! ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
-- Frank Barton, MBA Security+, ACMT, MCP IT Systems Administrator Husson University PGP Key Fingerprint: 0249DC644EC78D2F6B5CD2C6C94D3EDB57946437 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Phishing Simulation - Punitive Escalation Gomez, Joshua (May 18)
- Re: Phishing Simulation - Punitive Escalation Ken Connelly (May 18)
- Re: Phishing Simulation - Punitive Escalation Frank Barton (May 18)
- Re: Phishing Simulation - Punitive Escalation Ullman, Catherine (May 18)
- Re: Phishing Simulation - Punitive Escalation Scantlin, Aaron J. (May 18)
- Re: [EXTERNAL] Re: [SECURITY] Phishing Simulation - Punitive Escalation Hart, Michael (May 18)
- Re: Phishing Simulation - Punitive Escalation Frank Barton (May 18)
- Re: Phishing Simulation - Punitive Escalation Jesse Thompson (May 18)
- <Possible follow-ups>
- Re: Phishing Simulation - Punitive Escalation Czarapata, Paul (KCTCS) (May 18)
- Re: Phishing Simulation - Punitive Escalation Rose, Henry (May 18)
- Re: Phishing Simulation - Punitive Escalation Oliver Betts-Richards (May 19)
- Re: Phishing Simulation - Punitive Escalation Ken Connelly (May 18)