Performance benchmarking for simulated phishing attacks
Abstract
Described herein are methods, network devices and machine-readable media for conducting a simulated phishing attack on a first group of individuals, and performing an analysis of the group's performance to the simulated attack. In the analysis, an aggregate performance of the first group is compared with an aggregate performance of individuals from a second group. Standardizing the simulated phishing attacks for individuals from both the first and second groups is necessary in order for the performance of the first group to be fairly or meaningfully compared to the performance of the second group. To ensure uniformity in the simulated phishing attacks, messages thereof may be constructed from template messages, the template messages having placeholders for individual-specific and company-specific information.
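As an added illustration (not code from the patent or its assignee), the sketch below computes each group's aggregate performance only over simulated attacks that both groups received, then applies the comparison described above. The response labels, the failure-rate metric, the `margin` threshold and all sample records are assumptions constructed for this example.

```python
from collections import defaultdict

# Constructed sample records: (individual, group, template_id, response).
# Response labels are assumptions; the page only says a response is recorded.
RESPONSES = [
    ("a1", "first", "T1", "clicked"),
    ("a2", "first", "T1", "clicked"),
    ("a3", "first", "T1", "ignored"),
    ("a4", "first", "T1", "reported"),
    ("a5", "first", "T2", "clicked"),   # T2 was never sent to the second group
    ("b1", "second", "T1", "ignored"),
    ("b2", "second", "T1", "clicked"),
    ("b3", "second", "T1", "reported"),
    ("b4", "second", "T1", "ignored"),
]

FAILED = {"clicked"}  # assumption: responses that count as falling for the simulation


def shared_templates(records, g1, g2):
    """Templates delivered to both groups, i.e. the standardized attacks."""
    seen = defaultdict(set)
    for _, group, template, _ in records:
        seen[group].add(template)
    return seen[g1] & seen[g2]


def aggregate_failure_rate(records, group, templates):
    """Fraction of the group's responses to the given templates that failed."""
    outcomes = [resp in FAILED for _, g, t, resp in records
                if g == group and t in templates]
    if not outcomes:
        raise ValueError(f"no comparable responses for group {group!r}")
    return sum(outcomes) / len(outcomes)


def needs_additional_simulation(records, first, second, margin=0.05):
    """Compare groups on shared templates only; margin is an assumed threshold."""
    common = shared_templates(records, first, second)
    r1 = aggregate_failure_rate(records, first, common)
    r2 = aggregate_failure_rate(records, second, common)
    return r1 - r2 > margin, r1, r2


if __name__ == "__main__":
    print(needs_additional_simulation(RESPONSES, "first", "second"))
```

The response to template T2 is excluded from the first group's rate because the second group never received it; with no shared template at all the comparison is refused rather than computed on unlike inputs.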
14 Claims
1. A method, comprising:
conducting a simulated phishing attack on individuals from a first group;
recording a response of each individual from the first group to the simulated phishing attack;
calculating an aggregate performance of the first group based on the respective responses; and
comparing the aggregate performance of the first group with an aggregate performance of individuals from a second group so as to determine whether an additional simulated phishing attack should be administered to the individuals from the first group, wherein the simulated phishing attack is standardized for all individuals from the first and second groups so as to allow the aggregate performance of the first group to be compared with the aggregate performance of the second group.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A network device, comprising:
a processor;
a storage device connected to the processor; and
a set of instructions on the storage device that, when executed by the processor, cause the processor to:
conduct a simulated phishing attack on individuals from a first group;
record a response of each individual from the first group to the simulated phishing attack;
calculate an aggregate performance of the first group based on the respective responses; and
compare the aggregate performance of the first group with an aggregate performance of individuals from a second group so as to determine whether an additional simulated phishing attack should be administered to the individuals from the first group, wherein the simulated phishing attack is standardized for all individuals from the first and second groups so as to allow the aggregate performance of the first group to be compared with the aggregate performance of the second group.
14. A non-transitory machine-readable storage medium comprising software instructions that, when executed by a processor, cause the processor to:
conduct a simulated phishing attack on individuals from a first group;
record a response of each individual from the first group to the simulated phishing attack;
calculate an aggregate performance of the first group based on the respective responses; and
compare the aggregate performance of the first group with an aggregate performance of individuals from a second group so as to determine whether an additional simulated phishing attack should be administered to the individuals from the first group, wherein the simulated phishing attack is standardized for all individuals from the first and second groups so as to allow the aggregate performance of the first group to be compared with the aggregate performance of the second group.
Specification