User Education Effectiveness Can Be Measured

User Education Effectiveness Can Be Measured

Spearphishing, phishing, and poor password practices make up a significant portion of the attacks that successfully undermine enterprise security. Enterprises deploy a variety of technologies that attempt to protect the network, their intellectual property, and customer data. As security technologies improve, criminals increasingly attack the weakest link, the user. One of the crucial defenses against attacks targeting users, education, is largely ignored or underutilized. IT professionals have generally failed to employ appropriate educational practices and almost universally neglect the measurement of the results of education.

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor.