Once employees from across your organisation are receiving simulated phishing emails on a regular basis, the next phase is analysing the results and identifying any trends, i.e. which departments or individuals are frequently caught out. All this data will inform your training requirements. In fact, most phishing awareness toolsets feature their own academy or training area, with a progression system that allows you to monitor your organisation’s progress.
It is important to consider how your IT and security teams interact with any phishing awareness toolset you have implemented, and how the follow-up training will be delivered. A phishing awareness toolset only delivers the full range of potential benefits when you’re actively monitoring its results, and ensuring there is positive engagement with all training.
Remember to ensure that your staff are aware of the reporting procedure for when they spot a suspicious email and encourage them to use these functions. Once again, phishing awareness toolsets can help, with many having a report button add-in for Outlook that will automatically notify your IT helpdesk of suspicious emails when clicked.