U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Jody Jacobs (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 25 of 46

Workshop Summary Report for ConnectCon 2024: "Minding the Gaps in Human-Centered Cybersecurity"

April 7, 2025
Author(s)
Julie Haney, Matthew Canham, Mike Elkins, Lisa Flynn, Matthew Gordin, Victoria Granova, Wenjing Huang, Jody Jacobs, Greg Moody, Ann Rangarajan, Michael Ross, Robert Thomson, Joe Uchill
In August 2024, the National Institute of Standards and Technology (NIST) co-sponsored ConnectCon, an interactive workshop that facilitated meaningful conversations and connections between researchers and practitioners on the topic of human-centered

NIST Phish Scale User Guide

November 15, 2023
Author(s)
Shanee Dawkins, Jody Jacobs
The phishing cyber threat exploits vulnerabilities in the U.S. and around the world across private and public sectors. Embedded phishing awareness training programs, where simulated phishing emails are sent to employees, are designed to prepare employees

Can you Spot a Phish?

September 26, 2023
Author(s)
Jody Jacobs, Shanee Dawkins
This talk will cover findings from over 4 years of NIST phishing training data, highlighting user context as the key to phishing susceptibility. We will discuss the NIST Phish Scale, our research on why users click, and how it can help users spot a phish.

Phishing for User Context: Understanding the NIST Phish Scale

August 23, 2023
Author(s)
Shanee Dawkins, Jody Jacobs
The NIST Phish Scale is a method for measuring human phishing detection difficulty, providing a metric – a phishing email detection difficulty rating – for phishing training implementers to gain a better understanding of the variability in click rates

How to Scale a Phish: An Investigation into the Use of the NIST Phish Scale

August 7, 2023
Author(s)
Shanee Dawkins, Jody Jacobs
Organizations around the world are using the NIST Phish Scale (NPS) in their phishing awareness training programs. As a new metric for measuring human phish-ing detection difficulty of phishing emails, the use of the NPS by phishing training implementers

Peering into the Phish Bowl: An Analysis of Real-World Phishing Cues

August 7, 2023
Author(s)
Lorenzo Neil, Shanee Dawkins, Jody Jacobs, Julia Sharp
Organizations use simulated phishing awareness train-ing exercises to help users identify, detect, and defend against the ever-changing phishing threat landscape. Realistic phishing emails are used to test users' ability to spot a phish from visible cues

Phishing With a Net: The NIST Phish Scale and Cybersecurity Awareness

April 25, 2023
Author(s)
Shanee Dawkins, Jody Jacobs
Orienting an entire organization toward sound security practices is an important, but non-trivial undertaking. A starting point for many organizations is to build a robust security awareness program, training employees to recognize and respond to security

Can You Spot a Phish

October 19, 2022
Author(s)
Shanee Dawkins, Jody Jacobs
This talk will cover findings from over 4 years of NIST phishing training data, highlighting user context as the key to phishing susceptibility. We will discuss the NIST Phish Scale, our research on why users click, and how it can help users spot a phish.

NIST Cybersecurity Role-based Training Study Presentation

May 20, 2022
Author(s)
Jody Jacobs, Julie Haney, Susanne M. Furman
This presentation is for the May 17, 2022 Federal Information Security Educators (FISSEA) Spring Forum hosted by NIST. This presentation will present our preliminary findings from our Role-Based Training Study.