mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-26 11:44:37 +03:00

Files

T

mukul975 886658219f Add MITRE Fight Fraud Framework (F3 v1.1) mappings to fraud-relevant skills

- Add mitre_f3 frontmatter block to 94 fraud-relevant skills (phishing,
  account takeover, banking malware, BEC, identity/KYC, payment/card fraud,
  money-mule/cash-out, ransomware extortion, DFIR, threat intel)
- Map each skill to F3 v1.1 tactics + precise technique IDs, including the
  two F3-specific tactics ATT&CK lacks: Positioning (FA0001) and
  Monetization (FA0002)
- All 123 F3 v1.1 technique IDs validated against the upstream STIX bundle
  (github.com/center-for-threat-informed-defense/fight-fraud-framework):
  0 invalid IDs, 0 invalid tactics, 0 name mismatches, no placeholder IDs
- mitre_f3 kept as a separate block from mitre_attack (F3 redefines several
  ATT&CK tactics for the fraud context)
- Add docs/mitre-f3-mapping.md schema reference
- Update README: F3 as the 6th framework, dedicated F3 section + badge

2026-06-20 16:06:04 +02:00

4.7 KiB

Raw Blame History

name, description, domain, subdomain, tags, version, author, license, nist_csf, mitre_attack, mitre_f3

name

description

domain

subdomain

Implementing Anti-Phishing Training Program

Overview

Security awareness training is the human layer of phishing defense. An effective anti-phishing training program combines regular simulations, interactive learning modules, metric tracking, and positive reinforcement to build a security-conscious culture. This skill covers designing, deploying, and measuring a comprehensive phishing awareness program using platforms like KnowBe4, Proofpoint Security Awareness, and open-source alternatives.

When to Use

When deploying or configuring implementing anti phishing training program capabilities in your environment
When establishing security controls aligned to compliance requirements
When building or improving security architecture for this domain
When conducting security assessments that require this implementation

Prerequisites

Management buy-in and budget approval
Security awareness training platform (KnowBe4, Proofpoint SAT, Cofense)
Employee email list and organizational structure
Baseline phishing susceptibility data (from initial simulation)
Learning management system (LMS) integration capability

Key Concepts

Training Program Pillars

Baseline Assessment: Initial phishing simulation to measure current susceptibility
Interactive Training: Role-based modules covering phishing identification
Regular Simulations: Monthly/quarterly phishing tests with progressive difficulty
Just-in-Time Learning: Immediate training after a user fails a simulation
Positive Reinforcement: Recognition for reporting phishing correctly
Metrics & Reporting: Track improvement over time by department and role

SANS Security Awareness Maturity Model

Level 1: Non-existent - No program
Level 2: Compliance-focused - Annual checkbox training
Level 3: Promoting Awareness - Engaging, regular content
Level 4: Long-term Sustainment - Continuous program with culture change
Level 5: Metrics Framework - Risk-based measurement and optimization

Workflow

Step 1: Establish Baseline

Run initial phishing simulation across all departments
Measure click rate, submit rate, and report rate
Identify high-risk departments and roles

Step 2: Design Curriculum

General awareness: Phishing identification basics for all employees
Role-specific: Finance (BEC/wire fraud), IT (credential phishing), Executives (whaling)
Progressive difficulty: Beginner, intermediate, advanced modules
Micro-learning: Short (3-5 minute) frequent sessions vs. annual marathon

Step 3: Deploy Training Platform

Configure KnowBe4/Proofpoint SAT with organizational groups
Set up automated enrollment workflows
Integrate with LMS for completion tracking
Configure reporting dashboards

Step 4: Run Continuous Simulations

Monthly simulations with varied scenarios
Increase difficulty based on organizational performance
Include diverse attack types: links, attachments, QR codes, BEC

Step 5: Measure and Optimize

Use scripts/process.py to analyze training completion, simulation results, and program effectiveness over time.

Tools & Resources

KnowBe4: https://www.knowbe4.com/
Proofpoint Security Awareness: https://www.proofpoint.com/us/products/security-awareness-training
Cofense PhishMe: https://cofense.com/
SANS Security Awareness: https://www.sans.org/security-awareness-training/
Terranova Security: https://terranovasecurity.com/

Validation

90%+ training completion rate across organization
Measurable reduction in phishing click rate over 6 months
Increase in user phishing report rate
Department-level improvement tracking

4.7 KiB Raw Blame History