Abstract
Purpose
The purpose of this study is to explore how security practitioners share information about sophisticated phishing attacks and what opportunities and barriers are in place for them to do so.
Design/methodology/approach
For this study, a qualitative research design was chosen to explore the experiences, perceptions and practices of cybersecurity practitioners in dealing with sophisticated phishing attacks. Semi-structured interviews were conducted with 13 cybersecurity practitioners (8 were from the UK and 5 were from India) as the primary method of data collection.
Findings
The results indicate that phishing threats intercepted before employee interaction are typically not disclosed to the employee by the security practitioners. Practitioners face challenges in sharing information about phishing attempts and incidents due to privacy concerns, ongoing investigations and potential reputational damage.
Research limitations/implications
The insights obtained from this work are not generalisable to all UK or Indian security practitioners.
Practical implications
The results of this study can be used for developing phishing prevention techniques that brief targeted employees with a personalised message giving details of the attacks and security guidelines.
Social implications
The results of this study can help build trust and understanding between security practitioners and other employees, leading to more effective collaboration in preventing and responding to sophisticated attacks.
Originality/value
The insights from cybersecurity practitioners highlight significant limitations and hesitations in sharing information about phishing incidents with the targeted employees. The importance of transparent communication, especially in the context of sophisticated attacks, is discussed.
| Original language | English |
|---|---|
| Number of pages | 16 |
| Journal | Information and Computer Security |
| Early online date | 25 Sept 2025 |
| DOIs | |
| Publication status | E-pub ahead of print - 25 Sept 2025 |
Keywords
- Spear phishing
- Transparent communication
- Cybersecurity practitioners
- Incident reporting
- Lateral phishing