There’s no silver bullet to combating protecting your organization from phishing attacks today. The only comprehensive approach leverages a combination of methods, many of which we’ve covered in parts 1 and 2 of our three-part phishing Whiteboard Wednesday series.

Phishing is a human problem, and part of the solution is to properly educate your users. You can have all of the best defenses in place, but if your users don’t know how to spot and report phishing attacks, your job becomes all that much harder.

In this Whiteboard Wednesday discussion, Solutions Manager for Vulnerability Management and Offensive Security Products, Justin Buchanan, covers the fundamentals of phishing awareness training:


In this tutorial you’ll learn:

  • Where to start when implementing a phishing awareness training program
  • Which aspects of phishing warrant user training
  • How to conduct phishing simulation tests
  • What an ongoing training program looks like
  • How to baseline and measure training for improvements over time

Want to start identifying, detecting, and responding to phishing attempts to protect critical data?

Try Rapid7 InsightPhish

As always, if there's a topic you'd like to see us cover on Whiteboard Wednesday, Tweet us @Rapid7, or use the hashtag #WBW. Thanks!