Why So Many Employee Phishing Training Initiatives Fall Short
Security Boulevard, Thursday, March 20th, 2025
During the work-from-home boom of 2020, GitLab, a company that largely employs tech-savvy individuals, decided to test its security by sending fake phishing messages to its WFH workers.
About one out of every five tested employees fell for it, and only 12% reported the emails to GitLab security, signaling that human emotion often overrides technical expertise when it comes to social engineering attacks.
As the risk of phishing has only grown as a significant issue, many organizations started rolling out employee phishing training programs to help staff recognize and avoid attempted breaches. However, phishing attacks have not slowed down as a result. In fact, they are still the number one cause of data breaches.