Lessons Learned from State of the Phish

Karina Edwards is a Sr. Information Security Analyst at an international financial services group. In her role, she is responsible for the development and execution of a global information security awareness and training program. Together with another team member, she promotes greater security of company’s data, client information, and associated assets through continuous education using a behavior change model to reduce the company’s inherent “human” risk. Karina has been in her current role of supporting the global awareness and training program since 2019. Prior to that, she worked for large organizations in various industries such as Telecom, Healthcare, and Aerospace focusing primarily on IT Operations. Karina holds a Master of Science Degree in Systems Management from the University of Southern California and a Certification of Security Awareness Professional from SANS Institute.

Steve McGrath is an Information Security Analyst with a multinational commercial property insurance company. He supports a global cybersecurity training, education, and awareness program, as well as security and risk reporting. Steve directly supports the organization’s commitment to promoting a security conscious culture, working to deliver the right message, to the right people, at the right time. His team is responsible for researching, creating, and communicating a wide variety of interesting and applicable cybersecurity content to keep employees engaged. He is a frequent presenter and educator to internal audiences, helping people understand how small changes can make a big impact. He is responsible for running monthly phishing simulations and follow-up activities to re-enforce desired behaviors. Steve has been working in IT for 30 years, with the past ten years dedicated to Information Security and Security Awareness.