Building and Implementing an Enterprise-level Phishing Program
The collective belief is that the "People" element is the weakest link in cyber defense. Leveraging this course can help you build your phishing program from scratch, implement it, select a suitable vendor, and optimize to the needs of your organization.
What you'll learn
Can you quantify the cyber risk posed by your employees to your organization? An Enterprise-level Phishing Program can tell you exactly which employee, which branch, region, or country of your firm is posing the maximum cybersecurity risk. In this course, Building and Implementing an Enterprise-level Phishing Program, you will gain the ability to effectively run an enterprise-level phishing program. First, you will learn to decide the scope and audience. Next, you will discover the basics of running the campaigns including designing the campaign, prioritizing the audience, selecting a third-party vendor, and running the campaigns. Finally, you will explore what metrics to track and how to effectively link the phishing program to other Infosec activities in your organization. When you’re finished with this course, you will have the know-how to effectively complement your Infosec training and awareness program with a well defined Phishing Simulation.
Table of contents
- Module Introduction 1m
- Scope of Phishing Campaign 3m
- Factors Affecting a Phishing Program 2m
- Demo: Setting up Gophish 1m
- Demo: Creating Sender Profiles 2m
- Demo: Creating Email Templates 3m
- Demo: Adding User Groups 1m
- Demo: Designing Campaigns 1m
- Selecting Third Party Vendor 6m
- Customizing Phishing Campaigns 1m
- Success Factors in a Phishing Campaign 1m
- Case Study: Designing Phishing Campaigns for Globomantics 1m
About the author
With comprehensive experience in Cyber Security, Ethical Hacking, VAPT and Security Consultancy, I aim to bring my experience and knowledge to all professionals in this field. I have tested over 100 web and mobile applications. I have experience with compliance like ISO 27001, GDPR and PCI DSS. My areas of interest include Web and Mobile App Pentesting, Dark Web Intelligence, Cryptography, Enterprise Security, Network Security, ISO Standards and GDPR. I have conducted extensive online and offlin... more