Adapting to AI-Driven Threats: Dr. Joshua Scarpino’s Take on Cybersecurity

In this podcast episode, Dr. Joshua Scarpino, CISO of TrustEngine, dives deep into the evolving landscape of cybersecurity, emphasizing the importance of adaptive, ongoing security awareness training. With cyber threats growing more sophisticated, Dr. Scarpino explains why traditional once-a-year training methods often fall short in preparing employees for today’s challenges.

“We have ongoing monthly phishing training… to ensure that employees are facing relevant, increasingly complex threats,” says Dr. Scarpino." He believes that continuous, bite-sized training throughout the year is far more effective, especially when it’s tailored to the actual risks employees encounter in their roles.

Dr. Scarpino also discusses the importance of personalizing training to drive engagement. “By focusing on relevant, personal security risks, we create a more engaged culture of security across the organization.” When employees see how security awareness impacts their personal lives—whether it’s protecting their personal accounts or their family’s data—they’re more likely to apply those lessons in the workplace.

AI-driven threats are also a growing concern, and Dr. Scarpino notes that security training needs to evolve in tandem with these technological advancements. He highlights the challenges posed by artificial intelligence, which is enabling attackers to craft more targeted and convincing phishing attempts.

5 Key Takeaways:

• Bite-sized training is more effective: Breaking down training into smaller, frequent sessions increases retention and engagement.

• Role-based training drives engagement: Training tailored to an employee’s specific job responsibilities is up to 15 times more effective.

• AI and security risks are converging: With the rise of AI-driven threats, security awareness programs must constantly evolve.

• Personal relevance boosts awareness: Connecting security practices to personal risks makes employees more invested in workplace security.

• Ongoing feedback is key: Regular feedback from employees allows security teams to tailor training and address real needs.

PhishFirewall’s Approach:

At PhishFirewall, we share Dr. Scarpino’s philosophy that security awareness training should be ongoing, personalized, and relevant. Our AI-driven, role-based training ensures that employees are continuously engaged and prepared to face the latest threats. With phishing simulations tailored to specific job roles and microlearning sessions that fit into busy schedules, PhishFirewall transforms how companies educate their workforce on security.

This approach not only arms your organization against evolving threats but also helps create a culture of security that extends beyond the office, into the personal lives of your employees. Let PhishFirewall help you build a stronger, more resilient security culture today.

‍