What action do you take when a user fails a simulated phishing test?

Training & CertificationPersonal Development

No action taken7%

Extra training required by user 95%

Permissions revoked5%

Disciplinary action taken against user3%

91 PARTICIPANTS
3.1k viewscircle icon1 Upvotecircle icon4 Comments
Sort by:
Principal Cybersecurity Specialist - SaaS Security6 months ago

It depends on what type of phishing test and which user group/persona failed it. Like, if was a accounts payable or HR payroll team, then more stringent action needs to be taken. 

Information Security Manager in Banking7 months ago

Not enough options for this. We provide a teachable moment and give them resources to read on their own. If it's a second or third failure we provide the teachable moment and assign a quick remedial online training. We also inform supervisors so they can address the behavior at their level if they need it. At the beginning of every year, everyone has a clean slate.

Lightbulb on1
IT Operations Manager in Constructiona year ago

Follow-up question, for those opting for disciplinary action, do you think it is effective? 

Engineering Managera year ago

The best action is to provide additional training the the user(s) to increase awareness and knowledge. None of the other options in this poll are viable in the long-term. 

Lightbulb on2

Content you might like

Wondering if infosec folks consider the risk of burnout to be an unavoidable part of cybersecurity roles?

Yes, it’s unavoidable in cyber43%

No, it can be avoided48%

I don’t know…7%

View Results

It's time for 2024 predictions: Note that these are just ideas or off-the-wall predictions. However, choose the one you think is most likely to come about December 29th, 2024.

The First Human (Universal Translator) will be created using AI10%

Generative AI, will be added to children's Toys and be the hottest toy in 202435%

AGI (Artificial General Intelligence) will be created (Denial, Scared, and Hope) may come out of this. 15%

AI and GenAI will be able to communicate with (an animal species) in 2024. -There is work going on now to do this. 12%

Lawmakers will force AI Platforms to provide extensive lists of what information is in use, or being used within any AI model. If the company or entity cannot provide such information there will be fines. (This will force AI Models to be built on known data or purchased data)16%

Employment concerns spike in 2024. Concerns with companies asking for 10+ years, no job training, people let go and AI hired on, Schooling not keeping up with the innovation of this new technological innovation. 11%

View Results

I need to define the strategy and roadmap for Enterprise Architecture from scratch. Considering the company has the lowest level of maturity, what do you suggest in this scenario?

Read More Comments

We currently use Microsoft Viva Goals for OKR tracking throughout the organization. Unfortunately, Microsoft is retiring this solution by End of 2025.  Do you know any comparable solutions which you use for OKR tracking which might be worth taking a detailed look into?

We finished few month ago the migration to exchange online (comming from Exchange onprem). Since the migration is done we are experiencing so many tickets regarding to outlook like: -Share Mailbox Missing -Calender issues -Corrupted ost file -Exchange Admin Center not reachable and few other Topics. I wanted to ask the Community what they experience with exchange online is?  Is it mostly stable, or can I expect to live with all these issues?