Defining Your Overarching Goal for Email Phishing Testing

Great article by Kevin Beaver on Toolbox.com:

Defining Your Overarching Goal for Email Phishing Testing

"Are you among the relatively small number of organizations that performs email phishing tests against your users? If so, why do you do it? The easy answer is to, of course, to minimize your information security risks. So, you go about testing your users’ gullibility, train them on why they should not respond to such emails, and you’re done, right? In a nutshell, yes. However, if you are going to get the most out of your email phishing testing you need to have specific end goals in mind. There is likely more testing that needs to be done."