This article has been indexed from Webroot Blog
Earlier this year, the National Institute for Standards and Technology (NIST) published updated recommendations for phishing simulations in security awareness training programs. We discussed it on our Community page soon after the updated standards were released, but the substance of the change bears repeating. “Practical exercises include no-notice social engineering attempts to collect information, gain […]
The post NIST and No-notice: Finding the Goldilocks zone for phishing simulation difficulty appeared first on Webroot Blog.
Read the original article: NIST and No-notice: Finding the Goldilocks zone for phishing simulation difficulty