Your digital "Home of IT Security"
365 days a year: solutions, knowledge and networking.
Find and offer innovative IT security solutions, take part in our diverse action program and make and maintain contacts.
Become part of the it-sa 365 community!
Make an appointment with
So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.
Create an onsite appointment with
So that you can make an onsite appointment, the appointment request will open in a new tab.
In addition to interactive learning platforms and classic communication campaigns, phishing simulations are a popular tool for increasing the cyber security awareness in organizations. There are, however, a number of pitfalls to be considered and avoided, primarily a lack of focus on the aspect of learning. In the past, simulations have oftentimes been used merely as a testing tool, carrying out checks on the awareness level of individual employees. The white paper demonstrates the potential of systematically planned and executed phishing simulations if decision makers follow the eight presented best practices in terms of a philosophy focused on the learning success of the employees. This includes not only the technical preparation, announcement, anonymity and learning orientation, continuity and randomization, and individualization of the phishing simulation, but also the complementation of the simulation with learning contents as well as the establishment of a reporting chain along with meaningful feedback to employees before, during and after the campaign.
A document on this subject is available in German. Would you like to read it? Switch to the German view.
