Why Companies Shouldn’t Shame Employees Who Fall for Hacking Scams

Publications

Why Companies Shouldn’t Shame Employees Who Fall for Hacking Scams

Karen Renaud

well-consent

Abstract

When employees are shamed after a cybersecurity lapse, they often respond defensively by withdrawing or getting angry. Cybercriminals send many emails to an organization's employees, hoping to deceive them into clicking on a link or opening an attachment. Sometimes, an employee will do just that. It's what the organization does next that is so crucial.
Link to Paper