lucy_onboarding_checklist
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
lucy_onboarding_checklist [2019/10/15 15:32] – lucy | lucy_onboarding_checklist [2020/01/15 08:50] – lucy | ||
---|---|---|---|
Line 13: | Line 13: | ||
^ Name ^ Description ^ Questions ^ Link(s) ^ | ^ Name ^ Description ^ Questions ^ Link(s) ^ | ||
| Get approval | Similar to approaching any important project, the first step in running a successful internal phishing training campaign is to make sure all concerned parties are notified and ready to comply. This includes executives, board of directors, IT and HR team, and your legal department. This step is usually accomplished fast and easy as it requires only a mild investment in phishing education in exchange of employee knowledge that can protect your company data from hacker attacks. Don’t forget to consult your HR department to ensure your simulations comply with current company policies. It’s also wise to reach out to your IT and Helpdesk Departments and discuss the planned activities with them. |•Did you get approval from the relevant departments (legal, risk, HR, support etc.)? \\ \\ •Has anyone voiced concerns you didn’t consider? | No links | | | Get approval | Similar to approaching any important project, the first step in running a successful internal phishing training campaign is to make sure all concerned parties are notified and ready to comply. This includes executives, board of directors, IT and HR team, and your legal department. This step is usually accomplished fast and easy as it requires only a mild investment in phishing education in exchange of employee knowledge that can protect your company data from hacker attacks. Don’t forget to consult your HR department to ensure your simulations comply with current company policies. It’s also wise to reach out to your IT and Helpdesk Departments and discuss the planned activities with them. |•Did you get approval from the relevant departments (legal, risk, HR, support etc.)? \\ \\ •Has anyone voiced concerns you didn’t consider? | No links | | ||
- | | Define | + | | Define |
| Past Education | Don’t forget to consider prior simulations and trainings that you’ve conducted on the topic of phishing and scam detection. If your employees have already been trained to spot scams, you should probably consider more sophisticated attack simulations that will be more difficult to recognize. | • Have you already trained all users on phishing & social engineering? | | Past Education | Don’t forget to consider prior simulations and trainings that you’ve conducted on the topic of phishing and scam detection. If your employees have already been trained to spot scams, you should probably consider more sophisticated attack simulations that will be more difficult to recognize. | • Have you already trained all users on phishing & social engineering? | ||
| Current exposure | One main tactic attackers use is ‘spoofing’, | | Current exposure | One main tactic attackers use is ‘spoofing’, |
lucy_onboarding_checklist.txt · Last modified: 2021/09/29 10:28 by lucysecurity