This outcome indicates that the employees are more aware of the signs and techniques of social engineering and are able to report them to the appropriate authorities. This also helps to prevent successful attacks and reduce the impact of potential breaches.
[References: The CISM Review Manual 2023 states that “security awareness training should include information on how to identify and report social engineering attempts” and that “the effectiveness of security awareness training can be measured by the number and quality of reported incidents” (p. 121). The CISM Review Questions, Answers & Explanations Manual 2023 also provides the following rationale for this answer: “An increase in reported social engineering attempts is the best indicator that the security awareness training program has been effective, as it shows that the employees are more vigilant and proactive in detecting and reporting such attempts” (p. 45)., , , , , , , , ]
Submit