
Courses, Clicks and Consequences: Empiricizing Enterprise Security
From Cybercrimeology by Cybercrimeology
November 1, 2025 · 1h 4m · Episode 123
About this episode
The episode features a discussion with Dr Grant Ho about evaluating anti-phishing training in a health organization.
We speak with Dr Grant Ho from the University of Chicago about a large-scale field evaluation of anti-phishing training inside a major health organisation. The conversation examines annual awareness training, embedded “teach-at-click” exercises, and the role that engagement plays in any observed benefit. We also discuss how to measure programme value realistically and why careful experimental design matters when organizations make investment decisions.
People in this episode
Guest: Dr Grant Ho
Topics covered
- anti-phishing training
- enterprise security
- awareness training
- experimental design
- program evaluation
Keywords
- cybersecurity
- phishing
- training evaluation
- engagement
- organizational investment
Mentioned in this episode
Organizations: University of Chicago, major health organisation
More episodes of Cybercrimeology
- No News is Bad News: AI Agents, Information Value, Accountability & Democracy · June 1, 2026 · 34 min
- Public Interest Technology: Making Sense of Security in an AI World · May 1, 2026 · 35 min
- Who You Gonna Call?: Cybercrime Types and Expectations of Police Response · April 1, 2026 · 31 min
- Disordered Sense-Making: Conflict Narratives in the Digital Era · March 1, 2026 · 36 min
- Beyond “The Cybercriminal”: Understanding Diversity in Cyber Offenders · February 1, 2026 · 25 min
- Systematically Improving Cybersecurity Training · January 1, 2026 · 49 min
Explore listener stats, chart rankings, contacts and more on the Cybercrimeology podcast page.