A Study of Different Awareness Campaigns in a Company

• URL: http://arxiv.org/abs/2308.15176v1
• Date: Tue, 29 Aug 2023 09:57:11 GMT
• Title: A Study of Different Awareness Campaigns in a Company
• Authors: Laura Gamisch, Daniela Pöhn,
• Abstract summary: Phishing is a major cyber threat to organizations that can cause financial and reputational damage. This paper examines how awareness concepts can be successfully implemented and validated.
• Score: 0.0
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Phishing is a major cyber threat to organizations that can cause financial and reputational damage, threatening their existence. The technical measures against phishing should be complemented by awareness training for employees. However, there is little validation of awareness measures. Consequently, organizations have an additional burden when integrating awareness training, as there is no consensus on which method brings the best success. This paper examines how awareness concepts can be successfully implemented and validated. For this purpose, various factors, such as requirements and possible combinations of methods, are taken into account in our case study at a small- and medium-sized enterprise (SME). To measure success, phishing exercises are conducted. The study suggests that pleasant campaigns result in better performance in the simulated phishing exercise. In addition, significant improvements and differences in the target groups could be observed. The implementation of awareness training with integrated key performance indicators can be used as a basis for other organizations.

Related papers

• FEDLAD: Federated Evaluation of Deep Leakage Attacks and Defenses [50.921333548391345]
  Federated Learning is a privacy preserving decentralized machine learning paradigm. Recent research has revealed that private ground truth data can be recovered through a gradient technique known as Deep Leakage. This paper introduces the FEDLAD Framework (Federated Evaluation of Deep Leakage Attacks and Defenses), a comprehensive benchmark for evaluating Deep Leakage attacks and defenses.
  arXiv  Detail & Related papers  (2024-11-05T11:42:26Z)
• Content, Nudges and Incentives: A Study on the Effectiveness and Perception of Embedded Phishing Training [14.482027080866104]
  We investigate embedded phishing training in three aspects. knowledge gains from its content, nudges and reminders from the test itself, and the deterrent effect of potential consequences. Our study contributes several novel findings on the training practice.
  arXiv  Detail & Related papers  (2024-09-02T17:17:44Z)
• The Pitfalls and Promise of Conformal Inference Under Adversarial Attacks [90.52808174102157]
  In safety-critical applications such as medical imaging and autonomous driving, it is imperative to maintain both high adversarial robustness to protect against potential adversarial attacks. A notable knowledge gap remains concerning the uncertainty inherent in adversarially trained models. This study investigates the uncertainty of deep learning models by examining the performance of conformal prediction (CP) in the context of standard adversarial attacks.
  arXiv  Detail & Related papers  (2024-05-14T18:05:19Z)
• On the Conflict of Robustness and Learning in Collaborative Machine Learning [9.372984119950765]
  Collaborative Machine Learning (CML) allows participants to jointly train a machine learning model while keeping their training data private. In many scenarios where CML is seen as the solution to privacy issues, such as health-related applications, safety is also a primary concern. To ensure that CML processes produce models that output correct and reliable decisions, researchers propose to use textitrobust aggregators.
  arXiv  Detail & Related papers  (2024-02-21T11:04:23Z)
• Understanding Adversarial Transferability in Federated Learning [16.204192821886927]
  We investigate the robustness and security issues from a novel and practical setting. A group of malicious clients has impacted the model during training by disguising their identities and acting as benign clients. Our aim is to offer a full understanding of the challenges the FL system faces in this practical setting.
  arXiv  Detail & Related papers  (2023-10-01T08:35:46Z)
• From Compliance to Impact: Tracing the Transformation of an Organizational Security Awareness Program [3.3916160303055567]
  We conduct a year-long case study of a security awareness program in a U.S. government agency. Our findings reveal the challenges and practices involved in the progression of a security awareness program.
  arXiv  Detail & Related papers  (2023-09-14T14:01:05Z)
• When Measures are Unreliable: Imperceptible Adversarial Perturbations toward Top-$k$ Multi-Label Learning [83.8758881342346]
  A novel loss function is devised to generate adversarial perturbations that could achieve both visual and measure imperceptibility. Experiments on large-scale benchmark datasets demonstrate the superiority of our proposed method in attacking the top-$k$ multi-label systems.
  arXiv  Detail & Related papers  (2023-07-27T13:18:47Z)
• A Tale of HodgeRank and Spectral Method: Target Attack Against Rank Aggregation Is the Fixed Point of Adversarial Game [153.74942025516853]
  The intrinsic vulnerability of the rank aggregation methods is not well studied in the literature. In this paper, we focus on the purposeful adversary who desires to designate the aggregated results by modifying the pairwise data. The effectiveness of the suggested target attack strategies is demonstrated by a series of toy simulations and several real-world data experiments.
  arXiv  Detail & Related papers  (2022-09-13T05:59:02Z)
• Robust Pre-Training by Adversarial Contrastive Learning [120.33706897927391]
  Recent work has shown that, when integrated with adversarial training, self-supervised pre-training can lead to state-of-the-art robustness. We improve robustness-aware self-supervised pre-training by learning representations consistent under both data augmentations and adversarial perturbations.
  arXiv  Detail & Related papers  (2020-10-26T04:44:43Z)
• SMEs' Confidentiality Concerns for Security Information Sharing [1.3452510519858993]
  Small and medium-sized enterprises are considered an essential part of the EU economy, however, highly vulnerable to cyberattacks. This paper presents the results of semi-structured interviews with seven chief information security officers of SMEs to evaluate the impact of online consent communication on motivation for information sharing. The findings demonstrate that online consent with multiple options for indicating a suitable level of agreement improved motivation for information sharing.
  arXiv  Detail & Related papers  (2020-07-13T10:59:40Z)
• COVI White Paper [67.04578448931741]
  Contact tracing is an essential tool to change the course of the Covid-19 pandemic. We present an overview of the rationale, design, ethical considerations and privacy strategy of COVI,' a Covid-19 public peer-to-peer contact tracing and risk awareness mobile application developed in Canada.
  arXiv  Detail & Related papers  (2020-05-18T07:40:49Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.