mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 13:44:56 +03:00
mukul975
126 lines
3.1 KiB
Markdown
126 lines
3.1 KiB
Markdown
# Workflows: Anti-Phishing Training Program
|
|
|
|
## Workflow 1: Annual Program Lifecycle
|
|
|
|
```
|
|
Q1: Baseline & Planning
|
|
+-- Run baseline phishing simulation
|
|
+-- Assess current awareness maturity level
|
|
+-- Define annual targets and KPIs
|
|
+-- Select/renew training platform
|
|
+-- Design curriculum by role and department
|
|
|
|
|
Q2: Foundation Training
|
|
+-- Deploy core phishing awareness modules
|
|
+-- Run monthly simulations (easy difficulty)
|
|
+-- Launch phishing report button
|
|
+-- Begin tracking metrics
|
|
|
|
|
Q3: Advanced Training
|
|
+-- Role-specific training (finance, IT, executives)
|
|
+-- Increase simulation difficulty
|
|
+-- Recognize security champions
|
|
+-- Mid-year metrics review
|
|
|
|
|
Q4: Assessment & Optimization
|
|
+-- Run year-end assessment simulation
|
|
+-- Compare against baseline
|
|
+-- Generate annual report
|
|
+-- Identify gaps for next year
|
|
+-- Present ROI to leadership
|
|
```
|
|
|
|
## Workflow 2: Just-in-Time Training Flow
|
|
|
|
```
|
|
User interacts with simulated phishing email
|
|
|
|
|
v
|
|
[Did user click the link?]
|
|
|
|
|
+-- NO (ignored or reported) --> Positive outcome tracked
|
|
| |
|
|
| +-- [Did user report it?]
|
|
| +-- YES --> Send congratulations, award points
|
|
| +-- NO --> No action (not a failure)
|
|
|
|
|
+-- YES (clicked link)
|
|
|
|
|
v
|
|
[Landing page shows "This was a test"]
|
|
|
|
|
v
|
|
[Immediate micro-training module (2-3 min)]
|
|
+-- What red flags were present
|
|
+-- How to identify similar emails
|
|
+-- How to report suspicious emails
|
|
|
|
|
v
|
|
[Auto-enroll in refresher course within 7 days]
|
|
|
|
|
v
|
|
[Manager receives aggregate report (not individual names)]
|
|
|
|
|
v
|
|
[User included in next simulation cycle]
|
|
```
|
|
|
|
## Workflow 3: Repeat Offender Escalation
|
|
|
|
```
|
|
User fails first simulation
|
|
|
|
|
+-- Standard just-in-time training
|
|
+-- Auto-enrolled in awareness module
|
|
|
|
|
User fails second simulation (within 6 months)
|
|
|
|
|
+-- Enhanced training assignment
|
|
+-- One-on-one coaching session offered
|
|
+-- Manager notification (private)
|
|
|
|
|
User fails third simulation
|
|
|
|
|
+-- Mandatory extended training
|
|
+-- Access restrictions considered (additional MFA, restricted permissions)
|
|
+-- HR involvement per policy
|
|
+-- Monthly targeted simulations
|
|
|
|
|
User passes subsequent simulation
|
|
|
|
|
+-- Return to normal simulation schedule
|
|
+-- Positive reinforcement
|
|
```
|
|
|
|
## Workflow 4: Metrics-Driven Optimization
|
|
|
|
```
|
|
Monthly Data Collection
|
|
|
|
|
+-- Simulation results (click, submit, report rates)
|
|
+-- Training completion rates
|
|
+-- User-reported real phishing volume
|
|
+-- Help desk phishing tickets
|
|
|
|
|
v
|
|
[Analyze by dimensions]
|
|
+-- Department breakdown
|
|
+-- Role/seniority breakdown
|
|
+-- Location breakdown
|
|
+-- Trend over time
|
|
|
|
|
v
|
|
[Identify patterns]
|
|
+-- Which departments are improving?
|
|
+-- Which scenarios are most effective?
|
|
+-- Are repeat offenders decreasing?
|
|
+-- Is report rate increasing?
|
|
|
|
|
v
|
|
[Adjust program]
|
|
+-- Increase difficulty for high-performing groups
|
|
+-- More training for struggling departments
|
|
+-- New scenario types for common gaps
|
|
+-- Update content for new threat trends
|
|
```
|