Maybe not - but I work in a regulated industry, we had an employee get phished a few years ago, and the regulatory bodies wanted detailed records of all phishing testing and training conducted for the previous 5 years. So for some of us it's a necessary evil.
No comments yet.