The purpose of an information security awareness program serves to protect business data through user education to properly handle constant information security threats and to minimize its impact to the individual and the organization. Past research has not offered comprehensive studies involving an established security awareness program that uses both end user training and marketing tools to communicate and create awareness.
By Kingkane Malmquist
Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#exposing-the-bait-a-qualitative-look-at-the-impact-of-autonomous-peer-communication-to-enhance-organizational-phishing-detection-10259
