A recent study presented at the USENIX SOUPS security conference has confirmed what many security experts have suspected for years: phishing awareness training wears off quickly. Academics from multiple German universities leveraged laws mandating phishing awareness training to study how effective that training truly is. The researchers tested a group of public sector employees at different intervals after phishing training to determine how long the training was effective. The tested employees were broken into multiple groups which were tested at four, six, eight, ten, and twelve-month intervals. The researchers saw satisfactory results from the employees tested four months after their phishing training. These results dropped dramatically at the six-month test and continued to decline after that time. The team also tested the effectiveness of training reminders and found that employees who received video reminders of their training or interactive reminders retained their training best when compared to those who received simple text reminders.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in