mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 21:54:56 +03:00
mukul975
2.4 KiB
2.4 KiB
Anti-Phishing Training Program Plan Template
Program Overview
- Organization: [Company Name]
- Program Owner: [CISO / Security Awareness Manager]
- Start Date: [YYYY-MM-DD]
- Review Cycle: [Quarterly / Semi-annual]
Baseline Metrics
| Metric | Current Value | 6-Month Target | 12-Month Target |
|---|---|---|---|
| Phish Click Rate | % | % | <5% |
| Submit Rate | % | % | <2% |
| Report Rate | % | % | >60% |
| Training Completion | % | 90% | 95% |
| Repeat Offenders | % | % | <3% |
Training Curriculum
| Module | Audience | Duration | Frequency | Platform |
|---|---|---|---|---|
| Phishing Basics | All employees | 15 min | Annual + new hire | |
| BEC/Wire Fraud | Finance | 20 min | Quarterly | |
| Executive Threats | C-suite/VPs | 10 min | Quarterly | |
| IT-Targeted Phishing | IT Staff | 20 min | Quarterly | |
| Credential Protection | All employees | 10 min | Semi-annual | |
| Mobile Threats (Smishing) | All employees | 10 min | Annual |
Simulation Schedule
| Month | Scenario Type | Difficulty | Target Group |
|---|---|---|---|
| Jan | Password reset | Easy | All employees |
| Feb | Vendor invoice | Medium | Finance |
| Mar | IT notification | Easy | All employees |
| Apr | Package delivery | Easy | All employees |
| May | Executive request | Hard | Finance + Admin |
| Jun | Cloud storage share | Medium | All employees |
| Jul | HR policy update | Easy | All employees |
| Aug | Tax document | Medium | All employees |
| Sep | Conference invite | Medium | All employees |
| Oct | Security alert | Hard | IT Staff |
| Nov | Benefits enrollment | Medium | All employees |
| Dec | Holiday promotion | Hard | All employees |
Escalation Policy for Repeat Offenders
| Offense | Action | Responsible |
|---|---|---|
| First click | Just-in-time training + auto-enroll in module | Automated |
| Second click | Enhanced training + coaching offer | Security team |
| Third click | Mandatory training + manager notification | HR + Security |
| Fourth+ click | Access review + remediation plan | HR + IT + Security |
Budget
| Item | Annual Cost |
|---|---|
| Training platform license | $ |
| Simulation platform | $ |
| Content development | $ |
| Program administration | $ |
| Rewards/recognition | $ |
| Total | $ |
Reporting Schedule
- Monthly: Simulation results to security team
- Quarterly: Department-level report to leadership
- Annually: Full program assessment and ROI report to board