mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-05 15:29:01 +03:00
Initial commit - 611 cybersecurity skills across all subdomains
This commit is contained in:
@@ -0,0 +1,125 @@
|
||||
# Workflows: Anti-Phishing Training Program
|
||||
|
||||
## Workflow 1: Annual Program Lifecycle
|
||||
|
||||
```
|
||||
Q1: Baseline & Planning
|
||||
+-- Run baseline phishing simulation
|
||||
+-- Assess current awareness maturity level
|
||||
+-- Define annual targets and KPIs
|
||||
+-- Select/renew training platform
|
||||
+-- Design curriculum by role and department
|
||||
|
|
||||
Q2: Foundation Training
|
||||
+-- Deploy core phishing awareness modules
|
||||
+-- Run monthly simulations (easy difficulty)
|
||||
+-- Launch phishing report button
|
||||
+-- Begin tracking metrics
|
||||
|
|
||||
Q3: Advanced Training
|
||||
+-- Role-specific training (finance, IT, executives)
|
||||
+-- Increase simulation difficulty
|
||||
+-- Recognize security champions
|
||||
+-- Mid-year metrics review
|
||||
|
|
||||
Q4: Assessment & Optimization
|
||||
+-- Run year-end assessment simulation
|
||||
+-- Compare against baseline
|
||||
+-- Generate annual report
|
||||
+-- Identify gaps for next year
|
||||
+-- Present ROI to leadership
|
||||
```
|
||||
|
||||
## Workflow 2: Just-in-Time Training Flow
|
||||
|
||||
```
|
||||
User interacts with simulated phishing email
|
||||
|
|
||||
v
|
||||
[Did user click the link?]
|
||||
|
|
||||
+-- NO (ignored or reported) --> Positive outcome tracked
|
||||
| |
|
||||
| +-- [Did user report it?]
|
||||
| +-- YES --> Send congratulations, award points
|
||||
| +-- NO --> No action (not a failure)
|
||||
|
|
||||
+-- YES (clicked link)
|
||||
|
|
||||
v
|
||||
[Landing page shows "This was a test"]
|
||||
|
|
||||
v
|
||||
[Immediate micro-training module (2-3 min)]
|
||||
+-- What red flags were present
|
||||
+-- How to identify similar emails
|
||||
+-- How to report suspicious emails
|
||||
|
|
||||
v
|
||||
[Auto-enroll in refresher course within 7 days]
|
||||
|
|
||||
v
|
||||
[Manager receives aggregate report (not individual names)]
|
||||
|
|
||||
v
|
||||
[User included in next simulation cycle]
|
||||
```
|
||||
|
||||
## Workflow 3: Repeat Offender Escalation
|
||||
|
||||
```
|
||||
User fails first simulation
|
||||
|
|
||||
+-- Standard just-in-time training
|
||||
+-- Auto-enrolled in awareness module
|
||||
|
|
||||
User fails second simulation (within 6 months)
|
||||
|
|
||||
+-- Enhanced training assignment
|
||||
+-- One-on-one coaching session offered
|
||||
+-- Manager notification (private)
|
||||
|
|
||||
User fails third simulation
|
||||
|
|
||||
+-- Mandatory extended training
|
||||
+-- Access restrictions considered (additional MFA, restricted permissions)
|
||||
+-- HR involvement per policy
|
||||
+-- Monthly targeted simulations
|
||||
|
|
||||
User passes subsequent simulation
|
||||
|
|
||||
+-- Return to normal simulation schedule
|
||||
+-- Positive reinforcement
|
||||
```
|
||||
|
||||
## Workflow 4: Metrics-Driven Optimization
|
||||
|
||||
```
|
||||
Monthly Data Collection
|
||||
|
|
||||
+-- Simulation results (click, submit, report rates)
|
||||
+-- Training completion rates
|
||||
+-- User-reported real phishing volume
|
||||
+-- Help desk phishing tickets
|
||||
|
|
||||
v
|
||||
[Analyze by dimensions]
|
||||
+-- Department breakdown
|
||||
+-- Role/seniority breakdown
|
||||
+-- Location breakdown
|
||||
+-- Trend over time
|
||||
|
|
||||
v
|
||||
[Identify patterns]
|
||||
+-- Which departments are improving?
|
||||
+-- Which scenarios are most effective?
|
||||
+-- Are repeat offenders decreasing?
|
||||
+-- Is report rate increasing?
|
||||
|
|
||||
v
|
||||
[Adjust program]
|
||||
+-- Increase difficulty for high-performing groups
|
||||
+-- More training for struggling departments
|
||||
+-- New scenario types for common gaps
|
||||
+-- Update content for new threat trends
|
||||
```
|
||||
Reference in New Issue
Block a user