One of the most valuable pieces of information for security and risk management (SRM) leaders related to phishing simulation testing is click rate benchmarking statistics. Organizations want the ability to compare their click rate within their workforce with other organizations in similar sectors, organizational size and geographical location. It is extremely challenging for SRM leaders to answer the question, so why not use National Cybersecurity Awareness Month to ask yourself: “How does my click rate stack up?”
Most Phishing Reports Are Not Comparing Apples to Apples
Too often, organizations are leveraging phishing reports that are published mostly based on phishing simulation testing data using inconsistent and varying testing factors: different phishing templates, templates with varying degree of complexity and difficulty and inconsistent testing period. This benchmarking approach does not compare apples to apples making the ability to compare your click rate with peers difficult.
One Phishing Simulation Template – Common Phishing Simulation Testing Period
The best approach to measure and accurately compare your click rate with other organizations is to test all users (recipients) with a single and identical phishing simulation template during a common phishing simulation period. This is the exact approach that two financial institutions based in Montreal, Canada applied in order to compare their respective click rate and gauge how alert their employees are to phishing emails – both financial institutions launched a phishing simulation on the same day using the same exact phishing template. Super smart!
The Gone Phishing Tournament launched in parallel with National Cybersecurity Awareness Month, has set an objective to raise the bar on phishing simulation testing and benchmarking – giving organizations the ability to truly understand how their click rate stacks up with other organizations within the same industry, with similar organization size and geographical location. Achieved by applying an accurate methodology – one phishing template – same testing period. As a leader in the security awareness space, Terranova Security is committed to providing SRM leaders with their true click rate benchmark and are inviting all SRM leaders to get involved and discover how their click rate stacks up by participating in the The Gone Phishing TournementTM
Quick Reminder on Why Phishing Simulations Raise Awareness to Cyber Attacks
Social engineering and phishing are successful because they rely on the natural human tendency to trust others. People assume the password update or wire transfer request is legitimate because they recognize the source and believe they are acting in the best interests of themselves and others. The benefit of phishing simulation testing allows organizations to identify which employees are prone to phishing and subsequently provide education through security awareness training.
Phishing simulations provide your organization these top 10 benefits:
- Measure the degrees of corporate and employee vulnerability
- Reduce the cyber threat risk level
- Increase user alertness to phishing threat
- Instill a cyber security culture and create cyber security heroes
- Change behavior to eliminate the automatic trust response
- Enable reporting and response of phishing attempts
- Protect valuable corporate and personal data
- Provide just-in-time training for clickers
- Assess the impacts of cyber security awareness training
- Segment phishing simulation
Global Phishing Simulation Tournament
We are proud to launch The Gone Phishing Tournament to mark the 16th annual National Cybersecurity Awareness Month (NCSAM). Under the overarching theme of “Own IT. Secure IT. Protect IT”, NCASM is focused on encouraging personal accountability and proactive behavior in security best practices. This global phishing simulation event also aims to inspire SRM leaders globally to be proactive and leverage security best practices with accurate click rate statistics and benchmarking.
Benchmarking Statistics Related to Phishing Simulations Are Critical for Driving Behavioral Change
SRM leaders are invited to register their organization for the opportunity to participate in the tournament to raise awareness around the importance of phishing simulation testing. The Gone Phishing Tournament will help SRM leaders understand what the best practices are in terms of launching phishing simulations to test users and determine their click rate. Each organization will benefit from:
- Phishing simulation launched and managed by Terranova Security
- Free trial of phishing as a service
- Complimentary copy of The Gone Phishing Tournament report that will be published following National Cybersecurity Awareness Month
- Personalized click rate information by industry, organizational size and geographical location
National Cybersecurity Awareness Month is a great opportunity for all security and risk management leaders to increase awareness and visibility around the dangers of cyber threats and reinforce the importance of being diligent about phishing emails. The Gone Phishing Tournament is our contribution to supporting organizations around the world in their cyber security journey towards building a security culture and reducing human risk.
The Gone Phishing Tournament is an annual, cyber security event open to security and risk management leaders responsible for driving a security culture by testing, training and reporting on phishing threats.