Even DHS Insiders Can Be Too Casual With Email
Paul Beckman, the U.S. Department of Homeland Security’s Chief Information Security Officer, has a method for keeping his staff alert to online fraudsters. Beckman, says ThreatPost, “periodically sends his own staff bogus-looking phishing emails to see who falls for them, and that a handful of higher ups, senior managers, and other VIPS, often do – repeatedly.”
“These are emails that look blatantly to be coming from outside of DHS – to any security practitioner, they’re blatant, but to these general users, you’d be surprised at how often I catch these guys,” Beckman told a cybersecurity conference audience.” Those who fail the test have to take a mandatory online security training class, “but Beckman is campaigning for chronic offenders to lose their top secret security clearance.”