User Training

Train users to be aware of access or manipulation attempts by an adversary to reduce the risk of successful spearphishing, social engineering, and other techniques that involve user interaction.

ID: M0917
Version: 1.0
Created: 06 June 2019
Last Modified: 24 October 2022

Techniques Addressed by Mitigation

Domain ID Name Use
ICS T0811 Data from Information Repositories

Develop and publish policies that define acceptable information to be stored in repositories.

ICS T0865 Spearphishing Attachment

Users can be trained to identify social engineering techniques and spearphishing emails.

ICS T0863 User Execution

Use user training as a way to bring awareness to common phishing and spearphishing techniques and how to raise suspicion for potentially malicious events.