creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-12 06:04:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/implementing-anti-phishing-training-program/SKILL.md
T
mukul975 efca3ec611 feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills 
Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
2026-04-06 11:17:40 +02:00

4.2 KiB
Raw Blame History

name, description, domain, subdomain, tags, version, author, license, nist_csf
name description domain subdomain tags version author license nist_csf
implementing-anti-phishing-training-program Security awareness training is the human layer of phishing defense. An effective anti-phishing training program combines regular simulations, interactive learning modules, metric tracking, and positiv cybersecurity phishing-defense
phishing
email-security
social-engineering
dmarc
awareness
training
security-culture
1.0 mahipal Apache-2.0
PR.AT-01
DE.CM-09
RS.CO-02
DE.AE-02

Implementing Anti-Phishing Training Program

Overview

Security awareness training is the human layer of phishing defense. An effective anti-phishing training program combines regular simulations, interactive learning modules, metric tracking, and positive reinforcement to build a security-conscious culture. This skill covers designing, deploying, and measuring a comprehensive phishing awareness program using platforms like KnowBe4, Proofpoint Security Awareness, and open-source alternatives.

When to Use

  • When deploying or configuring implementing anti phishing training program capabilities in your environment
  • When establishing security controls aligned to compliance requirements
  • When building or improving security architecture for this domain
  • When conducting security assessments that require this implementation

Prerequisites

  • Management buy-in and budget approval
  • Security awareness training platform (KnowBe4, Proofpoint SAT, Cofense)
  • Employee email list and organizational structure
  • Baseline phishing susceptibility data (from initial simulation)
  • Learning management system (LMS) integration capability

Key Concepts

Training Program Pillars

  1. Baseline Assessment: Initial phishing simulation to measure current susceptibility
  2. Interactive Training: Role-based modules covering phishing identification
  3. Regular Simulations: Monthly/quarterly phishing tests with progressive difficulty
  4. Just-in-Time Learning: Immediate training after a user fails a simulation
  5. Positive Reinforcement: Recognition for reporting phishing correctly
  6. Metrics & Reporting: Track improvement over time by department and role

SANS Security Awareness Maturity Model

  • Level 1: Non-existent - No program
  • Level 2: Compliance-focused - Annual checkbox training
  • Level 3: Promoting Awareness - Engaging, regular content
  • Level 4: Long-term Sustainment - Continuous program with culture change
  • Level 5: Metrics Framework - Risk-based measurement and optimization

Workflow

Step 1: Establish Baseline

  • Run initial phishing simulation across all departments
  • Measure click rate, submit rate, and report rate
  • Identify high-risk departments and roles

Step 2: Design Curriculum

  • General awareness: Phishing identification basics for all employees
  • Role-specific: Finance (BEC/wire fraud), IT (credential phishing), Executives (whaling)
  • Progressive difficulty: Beginner, intermediate, advanced modules
  • Micro-learning: Short (3-5 minute) frequent sessions vs. annual marathon

Step 3: Deploy Training Platform

  • Configure KnowBe4/Proofpoint SAT with organizational groups
  • Set up automated enrollment workflows
  • Integrate with LMS for completion tracking
  • Configure reporting dashboards

Step 4: Run Continuous Simulations

  • Monthly simulations with varied scenarios
  • Increase difficulty based on organizational performance
  • Include diverse attack types: links, attachments, QR codes, BEC

Step 5: Measure and Optimize

Use scripts/process.py to analyze training completion, simulation results, and program effectiveness over time.

Tools & Resources

Validation

  • 90%+ training completion rate across organization
  • Measurable reduction in phishing click rate over 6 months
  • Increase in user phishing report rate
  • Department-level improvement tracking
Reference in New Issue View Git Blame Copy Permalink