Reply to post:

If you have to simulate a phishing attack on your org, at least try to get something useful from it

BillG Silver badge

The secret of blind phishing simulation, then, is good blind phishing simulation, which means following a few rules. The first of these is that running the test should generate useful data, both for the testers but also the people being tested.

Or to quote Spock: "Before performing a test, decide what you will do if the results are positive or negative. If the answers are the same, don't perform the test."

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019