Cybercriminals often send phishing campaigns randomly. A typical organization may see phishing emails reach scores of inboxes. Training can be provided to reduce susceptibility to phishing attacks, yet some individuals will be better than others at spotting malicious emails.
PhishLine understands that everyone is different, which is why the firm is now using personality assessments as part of its anti-phishing behavior management solution. By understanding which individuals in an organization are most susceptible to phishing attacks, customers can select training modules accordingly and devote more time to improving security awareness among individuals most likely to be fooled by phishing emails.
This is a unique approach, with PhishLine the first company to use personality assessments in its anti-phishing training program. As Mark T. Chapman, President and founder of PhishLine explained, “Our clients are always searching for the best way to take their enterprise information security awareness program to the next level.” Chapman said, “This new, research-backed innovation helps clients achieve this by identifying behavior-based vulnerabilities that inform targeted remediation.”
The personality assessment takes the form of an online questionnaire where users are required to select self-describing adjectives. This simple assessment, combined with existing data, helps customers determine which individuals are the most vulnerable. Armed with this knowledge, it is possible to select the best training modules and methods to improve security awareness.
The tool has been developed with help from Organization Analysis and Design – A personality assessment company that helps organisations gain insights into employees to reduce turnover and increase performance and productivity. The tool is based on standards used by the American Psychology Association, Great Britain Psychology Society, and the Association of Test Publishers.
Chapman says, “It is a game changer for businesses looking to stay ahead of the threats through targeted security awareness that is grounded in understanding differences in human behaviors.”