Exposing the Bait: A Qualitative Look at the Impact of Autonomous Peer Communication to Enhance Organizational Phishing Detection

Conference: BlackHat USA 2018



The Ambassador Program at Mayo Clinic has been successful in improving information security awareness among employees and reducing turnover rates.
  • The Ambassador Program at Mayo Clinic aims to improve information security awareness among employees.
  • The program uses newsletters, security alerts, and peer-to-peer communication to deliver information.
  • Ambassadors are selected based on their interest in information security and their ability to communicate effectively.
  • The program has been successful in reducing turnover rates and improving job satisfaction among ambassadors.
  • The program is based on the job characteristics model, which emphasizes the importance of meaningful work, personal responsibility, and knowledge of results.
  • The program has been successful in achieving these psychological states and improving job satisfaction among ambassadors.
The survey conducted among ambassadors found that 75% of them chose to share information with their peers as soon as possible, and 67% perceived the program to have a positive impact on the organization. Some ambassadors noted that their peers' phishing detection had improved, and there was an increased level of confidence among employees. The program has also been successful in reducing turnover rates, with many ambassadors staying in their roles for more than a year.


The purpose of an information security awareness program is to protect business data by educating users to properly handle constant information security threats and to minimize their impact on the individual and the organization. Past research has not offered comprehensive studies involving an established security awareness program that uses both end user training and marketing tools to communicate and create awareness. Instead, these studies focused on the impact of data loss and on the importance of establishing user awareness.

The Office of Information Security at Mayo Clinic has established an ongoing enterprise-wide security awareness program. With the help of Information Security Ambassadors who assist in the delivery of this message, the study explores the lived experiences of this peer group to determine the impact of autonomous peer influence as it relates to phishing detection, rather than relying on technology alone.

This research will help identify whether, and how much, peer influence promotes learning and user adaptation to safeguard users from malicious phishing in both the business and the private environment. This phenomenological approach aims to assist in designing a multifaceted security awareness approach that promotes behavior change among a diverse population.