an investigation of phishing awareness and education over
play

An investigation of phishing awareness and education over time: When - PowerPoint PPT Presentation

An investigation of phishing awareness and education over time: When and how to best remind users? Benjamin Reinheimer, Lukas Aldag, Peter Mayer, Mattia Mossano, Reyhan Duezguen, Bettina Lofthouse, Tatiana von Landesberger, Melanie Volkamer


  1. An investigation of phishing awareness and education over time: When and how to best remind users? Benjamin Reinheimer, Lukas Aldag, Peter Mayer, Mattia Mossano, Reyhan Duezguen, Bettina Lofthouse, Tatiana von Landesberger, Melanie Volkamer COMPETENCE CENTER FOR APPLIED SECURITY TECHNOLOGY (KASTEL) RESEARCH GROUP SECURITY • USABILITY • SOCIETY (SECUSO) Feel free to add picture here 1 www.kit.edu KIT – The Research University in the Helmholtz Association

  2. Contribution Systematically measure retention Longitudinal field-study Reminder measures 1. 3. 4. 2. SOUPS 2020, Benjamin Reinheimer 21/07/2020 Research Group Security • Usability • Society (SECUSO)

  3. About the setting State Office for Geoinformation and State Survey (SOGSS) 2,200 employees Optional participation Mandatory tutorial on phishing in the study: 409 using a train-the-trainer approach participants Canova/Volkamer/Bergmann/Reinheimer: NoPhish app evaluation: lab and retention study. In USEC 2015 Neumann/Reinheimer/Volkamer: Don’t be deceived: the message might be fake. In TrutBus2017 Stockhardt/ Reinheimer/Volkamer/Mayer/Kunz/Rack/Lehmann: Teaching phishing-security: which way is best?. In IFIP Sec 2016 … SOUPS 2020, Benjamin Reinheimer 21/07/2020 Research Group Security • Usability • Society (SECUSO)

  4. Four Reminder Measures Short-Text Text Video Same content … (there is even more text) Interactive Email SOUPS 2020, Benjamin Reinheimer 21/07/2020 Research Group Security • Usability • Society (SECUSO)

  5. Study Design and Results Judge 20 email Study details for Control Questions & screenshots in role play Thanks random order SOUPS 2020, Benjamin Reinheimer 21/07/2020 Research Group Security • Usability • Society (SECUSO)

  6. Summary Systematically measure retention Longitudinal field-study Reminder necessary between 4 and 6 months Reminder measures 409 out of 2,200 employees Thanks for listening and thanks to my co-authors For further questions feel free to contact me via Video and Interactive Email Benjamin.Reinheimer@kit.edu example most effective https://s.kit.edu/soups2020 SOUPS 2020, Benjamin Reinheimer 21/07/2020 Research Group Security • Usability • Society (SECUSO)

Recommend


More recommend