Training information security for employees who do not have a basic understanding is a
laborious process. Employees who are sent for training usually consider computer security
as someone else’s problem that is not related to them, abstracted from it and, in principle,
do not understand their impact on the computer security of the organization as a whole.
Improving the effectiveness of staff training on the job is an urgent modern task. In the
article the authors present the results of a study on the effectiveness of using integrated
training for advanced training programs that implement extended education. Integrated
training is considered on the example of training in protection against phishing attacks.
Phishing has now become one of the most common threats for information security.
The authors note that participants who watched the video recognized phishing emails
much better than those who familiarized themselves with the instructions.
The results presented in the article indicate that the integrated learning contributes to
the acquisition of knowledge, its preservation and transmission, what allows to effectively
identify phishing messages without incorrect identification of legitimate messages and
the participants in the integrated training have learned to efficiently detect phishing
To measure the residual knowledge a comparison was made between the effectiveness
of a phishing account and legitimate emails before training, immediately after graduation
and after a week. The results show that participants in the integrated training were able
to save the knowledge and use it in order to recognize phishing and legitimate messages
even after a weekly interval, while participants in other groups did not improve their results.
It is shown that the training method is an important factor determining the effectiveness
of antiphishing training.
Keywords: integrated training; staff training on the job; information security; phishing; anti-phishing training; learning assessment
Deputy Head of the Research Institute of the Federal Penal Service of Russia, Dsc. in Pedagogy, Associate Professor.
, e-mail firstname.lastname@example.org
Senior Researcher of the Research Institute of the Federal Penal Service of Russia, Dsc. in Pedagogy, Professor.
, e-mail email@example.com
Leading Researcher of the Research Institute of the Federal Penal Service of Russia, PhD. in Physics and Mathematics.
, e-mail firstname.lastname@example.org
1. Vilkova A. V., Litvishkov V. M., SHvyrev B. A. Problemy nepreryvnogo obucheniya personala informacionnoj bezopasnosti
[Problems of continuous training of information security personnel]. Mir nauki, kul’tury, obrazovaniya – World of science,
culture, education, 2019, no. 4 (77), pp. 29–31. (In Russ.).
2. Doktrina informacionnoj bezopasnosti Rossijskoj Federacii [Information Security Doctrine of the Russian Federation].
Available at: https://rg.ru/2016/12/06/doktrina-infobezobasnost-site-dok.html (accessed 15.01.2020). (In Russ.).
3. SHvyrev B. A. Obrazovatel’nye potrebnosti v informacionnoj bezopasnosti [Educational Information Security Needs].
Mezhdunarodnyj zhurnal gumanitarnyh i estestvennyh nauk – International Journal of Humanities and Natural Sciences,
2019, no. 5-1, pp. 31–33. (In Russ.).
4. SHvyrev B. A. Osnovnye ponyatiya nacional’noj kiberbezopasnosti gosudarstv, vhodyashchih v Severo-Atlanticheskij
al’yans [Basic concepts of national cybersecurity of the states belonging to the North Atlantic Alliance]. Krasnodar, Moscow,
2018. 114 p. (In Russ.).
5. Criteria for Measurement for CAE in Cyber Operations Advanced. Available at: https://www.nsa.gov/resources/studentseducators/centers-academic-excellence/cae-co-advanced/ (accessed 15.01.2020). (In Eng.).
6. Cyber Skills. Available at: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_
data/file/808985/Sector_Specific_Guidance__Cyber_Skills.pdf (accessed 15.01.2020). (In Eng.).
7. Learn about NSA’s university-level research partnerships. Available at: https://www.nsa.gov/resources/studentseducators/research-partnership/ (accessed 15.01.2020). (In Eng.).
8. NSA Partners with Schools. Available at: https://www.nsa.gov/resources/students-educators/centers-academicexcellence/cae-co-advanced/ (accessed 15.01.2020). (In Eng.).
9. Pedley D., McHenry D., Motha H., Shah J. Understanding the UK cyber security skills labour market. Available at: https://
the_UK_cyber_security_skills_labour_market.pdf (accessed 15.01.2020). (In Eng.).
10. Policy paper «Initial National Cyber Security Skills Strategy: increasing the UK’s cyber security capability – a call for
views, Executive Summary. Available at: https://www.gov.uk/government/publications/cyber-security-skills-strategy/
initial-national-cyber-security-skills-strategy-increasing-the-uks-cyber-security-capability-a-call-for-views-executivesummary (accessed 15.01.2020). (In Eng.).
11. Craig, R. The history of training, in The ASTD Training and Development Handbook. New York, 1996. 1071 p. (In Eng.).
12. Skudalova O. V., Malanina Y. N., Tsibizova T. Y., Vilkova A. V., Litvishkov V. M., Shvyrev B. A., Poliakova I. V. Personal
factor of a social entrepreneur in the context of the inclusive economy development. International Journal of Innovative
Technology and Exploring Engineering, 2019, vol. 8, no. 8, pp. 2996–3002. (In Eng.).