Ethics of Phishing Simulations

This chapter examines the dangers of corporate private instances of large language models and the ethical implications of phishing simulations in the workplace. It discusses the punitive approach some companies take towards employees who fail phishing tests, advocating for a more supportive training methodology that acknowledges human error. The speakers argue against the effectiveness of current training methods, emphasizing the need for a reevaluation of practices that may lead to negative consequences for both users and security teams.