Studies Cite Ineffective Training As Key Reason for Failed Phishing Tests
Cybersecurity Dive
Contributed by: Kate Gamble
Summary
Recent studies reveal that traditional security awareness training for employees is largely ineffective in reducing susceptibility to phishing attacks, challenging the notion that human behavior is the weakest link in cybersecurity. Research from institutions like the University of Chicago and ETH Zurich indicates that common training methods fail to bolster resilience against attacks and may, in fact, foster overconfidence. This highlights a crucial need for healthcare organizations to rethink their cybersecurity training strategies, as existing programs may not adequately equip employees to navigate digital threats. The implications for healthcare professionals are significant, necessitating a shift towards more effective methods of behavior change that align training with real-world application.