–
Room P3.10, Mathematics Building
Phishing remains one of the most effective cyber threats, affecting millions of organizations. Phishing education, training, and awareness programs are used to address employees’ lack of knowledge about phishing attacks. However, despite being very expensive, these interventions are not always effective, mainly due to the lack of customization of training materials based on the employees’ needs and profiles. In fact, creating customized training content for each employee and each context would require a huge effort from security practitioners and educators thus increasing costs even more. The proposal we present in this talk is to use Large Language Models to automate some steps in the design process of training content, which is tailored to the specific user profile. Joint work with Giuseppe Desolda and Francesco Greco of the University of Bari.