Cybersecurity Awareness Program: Phishing Simulation Implementation
As part of our ongoing commitment to cybersecurity excellence, we are implementing a comprehensive phishing simulation program using the Guardz security platform. This initiative will help protect our organisation and enhance our collective cyber awareness through realistic training scenarios, just-in-time education, and a supportive learning environment. This document outlines what you can expect, how to respond to suspicious emails, and answers common questions about the program implementation.
Program Overview & What to Expect
1
Program Objectives
Enhance your ability to identify and respond to phishing attempts through practical, real-world scenarios while building a culture of cybersecurity awareness where everyone plays an active role in protecting our organisation.
2
Simulation Details
You'll receive realistic-looking (but completely safe) phishing emails at random times during business hours, sent approximately monthly or quarterly with varied scenarios to keep the training relevant and effective.
3
Just-in-Time Training
If you interact with a simulated phishing email, you'll receive immediate, targeted training to help improve your awareness. This isn't about catching you out - it's about helping you learn in a practical way!
How to Respond to Suspicious Emails
DO
- Stop and think before clicking links or opening attachments
- Verify sender identity through alternate means if unsure
- Report suspicious emails to IT Support immediately
- Check for spelling errors, urgent language, or unusual requests
DON'T
- Click on links or download attachments from unknown senders
- Provide personal or company information via email
- Forward suspicious emails to colleagues
- Panic if you accidentally click a simulation - it's a learning opportunity
Implementation Timeline
The above timeline shows our phased approach to implementing the phishing simulation program. We'll begin with an initial announcement phase, followed by educational resources before launching our first simulations. Regular reviews and training updates will ensure the program remains effective and relevant to current threats.
Remember: Cybersecurity is everyone's responsibility. By participating in this program, you're not just protecting yourself - you're protecting our entire organisation, our clients, and our reputation. We're all in this together!
FAQ & Your Role in the Program
What happens if I click on a simulated phishing email?
No worries, mate! You'll be redirected to a safe landing page explaining it was a simulation, followed by brief, relevant training materials. This is not a disciplinary issue - it's a learning opportunity to help you spot similar attempts in the future.
How do I know if an email is a simulation or a real threat?
You shouldn't try to distinguish between them. Treat all suspicious emails with the same level of caution and report them through proper channels. This ensures consistent security practices that protect our organisation.
Will my manager be notified if I fail a simulation?
Individual results are kept confidential. Only aggregated, anonymised data is shared for organisational improvement purposes. The focus is on learning, not punishment or singling anyone out.
More Common Questions
How often will these simulations occur?
Simulations will typically run monthly or quarterly, with varied timing and content to maintain effectiveness. You won't receive advance notice as this mirrors real-world scenarios.
What if I accidentally forward a simulation to a colleague?
Contact IT Support immediately. Simulations are designed to be contained, but we can provide guidance and ensure no disruption to business operations.
Your Role & Our Expectations
We Expect You To:
- Participate actively in the program
- Apply cybersecurity best practices daily
- Complete any assigned training promptly
- Report suspicious emails to IT Support
- Share your feedback on the program
You Can Expect Us To:
- Provide clear, actionable training materials
- Maintain confidentiality of individual results
- Offer prompt support when needed
- Focus on learning, not blame
- Keep the program engaging and even a bit fun!
"The best defence against phishing isn't just technology - it's educated and vigilant people."
We're excited to strengthen our digital defences together through this important initiative!
Need Assistance? Contact Us!
For any questions or support regarding the Cybersecurity Awareness Program or to report suspicious activity, please reach out to our IT Support team:
Email: Support@tcd.com.au
Our Chat Support: www.thecomputerdepartment.com.au
Document Version 1.0 | Implementation Date: [Insert Date]