As a government institution in the field of civil servant management, XYZ Institution has data on 4.4 million Employees spread throughout Indonesia which needs to be maintained. Based on the BSSN report, there has been a significant increase in potential threats in recent years and is expected to continue in 2024, one of which is the threat of Phishing. This research was conducted to measure the level of information security awareness (ISA) for employees at xyz institution. Phishing simulations and questionnaires are used to measure the level of ISA and how to provide ISA education so that it can increase the level of ISA employees. Simulation results will be compared before and after the provision of ISA education. The results of providing education have a positive impact for employees. Simulation before providing education there were 65% of employees clicking on phishing urls and after education there was a decrease to 17%. While employees who were exposed to phishing before education were 33% and after education there was a decrease to 16%. In addition, the questionnaire filled out by 150 employees showed results with a value of 86.54% for the level of ISA employee, which is in the good category
Read full abstract