If a single click on a phishing email can ruin the entire company, the blame doesn’t lie with that individual.

  • hipsterdoofus
    link
    fedilink
    arrow-up
    30
    ·
    edit-2
    5 months ago

    In my time as a cybersecurity professional, my approach is always to blame the system, not the person.

    If they clicked on a phishing link: 1) that email should never have reached their inbox, 2) that link should never have loaded, and 3) our awareness training is not up to snuff.