CPPJ

Abstract: This paper presents the design, implementation, and evaluation of PhishBusters, a comprehensive phishing awareness training program specifically developed for non-technical employees in organizational settings. The program employs a multi-faceted pedagogical approach that combines theoretical knowledge, hands-on exercises, and gamified learning to enhance participants' ability to identify and respond to phishing attempts. Through three structured training sessions, participants engage with realistic phishing simulations, interactive quizzes, and collaborative group discussions, fostering both individual skill development and peer learning. The effectiveness of the training program is demonstrated through comprehensive pre and post-assessment results, showing significant improvement in participants' ability to detect phishing attempts. The paper details the curriculum design process, implementation challenges, and participant feedback, providing practical insights into effective cybersecurity training methodologies. This case study contributes to the growing body of knowledge in cybersecurity education by demonstrating how well-designed training programs can successfully enhance organizational security awareness and reduce phishing susceptibility among non-technical staff.

Download this article: CPPJ - V4 N2 Page 36.pdf

Recommended Citation: Montes, M., Xu, S., (2025). PhishBusters: A Comprehensive Approach to Phishing Awareness Training in Organizational Settings. Cybersecurity Pedagogy and Practice Journal 4(2) pp 36-50. https://doi.org/10.62273/JUZT9288