In episode 173 of Cybersecurity Where You Are, Sean Atkinson is joined by Roger Grimes, CISO Advisor at KnowBe4. Together, they discuss "scammer jousting," a term coined by Tony Sager which describes empowering organizations to manage human risk using simulated phishing.

Here are some highlights from our episode:

• 01:05. How simulated phishing and scammer jousting manage human risk
• 03:48. The shift in perception of security awareness training over the past 20 years
• 06:19. The need for testing to build capability and resiliency amongst employees
• 09:27. The many faces of phishing attacks and the impact of generative artificial intelligence
• 15:00. How gamification is proven to help users learn more in their cybersecurity training
• 16:57. How data empowers organizations to communicate the potential impact of a phish
• 19:57. The use of behavior engineering to foster a stronger security culture
• 23:56. The value of customer feedback in continuously enhancing phishing training
• 29:52. Continuous and hyper-personalized training as the future of spammer jousting

Resources

• Episode 77: Data's Value to Decision-Making in Cybersecurity
• Episode 98: Transparency as a Tool to Combat Insider Threats
• A Short Guide for Spotting Phishing Attempts
• CIS Controls v8.1 Security Awareness Skills Training Policy Template
• SANS Workforce Security and Risk Training
• The Evolving Role of Generative Artificial Intelligence in the Cyber Threat Landscape
• Episode 110: How Security Culture and Corporate Culture Mesh

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].