{"id":56164,"date":"2024-05-23T19:06:08","date_gmt":"2024-05-23T19:06:08","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/"},"modified":"2024-05-23T19:06:08","modified_gmt":"2024-05-23T19:06:08","slug":"google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/","title":{"rendered":"Google guru roasts useless phishing tests, calls for fire drill-style overhaul"},"content":{"rendered":"<p>A Google security bigwig has had enough of federally mandated phishing tests, saying they make colleagues hate IT teams for no added benefit.<\/p>\n<p>Matt Linton leads Google&#8217;s security response and incident management division. Tasked with rolling out phishing exercises every year, he believes tests should be replaced by the cybersecurity equivalent of a fire drill.<\/p>\n<p>Today&#8217;s phishing tests more closely resemble the fire drills of the early days, which were more like fire evacuation drills \u2013 sprung upon a building&#8217;s residents with no warning and later blaming them as individuals for their failures.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Since then, more security features have been fitted to buildings. Linton cited wider doors and their push-bar exit designs, as well as fire sprinklers as examples of innovations that improved a building&#8217;s fire safety. None of these were implemented to improve individual residents&#8217; response to drills, but together they increased survival rates and now fire drills are better planned, well-announced procedures.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Readers, you can probably see where he&#8217;s going with this. Parallels between these early fire tests and modern-day phishing exercises are clear \u2013 in both cases the burden of responsibility is applied more to the individual rather than the infrastructure around them.<\/p>\n<div class=\"promo_article no_img\">\n<h2 title=\"'Chaos specialist' Linton's e-quip backfires\">Google Spectre whiz kicked out of DEF CON hotel over misunderstood tweet<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2018\/08\/10\/google_matt_linton_caesars_def_con\/\"><span>FROM 2018<\/span><\/a><\/div>\n<p>Despite anti-phishing controls being baked into security products and email clients, research points to phishing attacks increasing. Zscaler&#8217;s latest annual <a target=\"_blank\" href=\"https:\/\/www.zscaler.com\/blogs\/security-research\/phishing-attacks-rise-58-year-ai-threatlabz-2024-phishing-report\" rel=\"nofollow noopener\">phishing report<\/a> found the past 12 months saw a 58 percent increase in phishing, and the <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/01\/11\/gpt3_phishing_emails\/\" rel=\"noopener\">wider adoption of AI by cybercriminals<\/a> has driven that surge.<\/p>\n<p>The Federal Risk and Authorization Management Program (FedRAMP) is one of the US organizations that promotes cybersecurity standards. Google maintains FedRAMP compliance and does so, in part, by running phishing tests that follow its guidance, which still claims users &#8220;are the last line of defense and should be tested.&#8221;<\/p>\n<p>Linton argues that there is value in providing staff phishing training, but achieving a 100 percent success rate &#8220;is a likely impossible task.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;Phishing and Social Engineering aren&#8217;t going away as attack techniques,&#8221; he <a target=\"_blank\" href=\"https:\/\/security.googleblog.com\/2024\/05\/on-fire-drills-and-phishing-tests.html\" rel=\"nofollow noopener\">blogged<\/a>. &#8220;As long as humans are fallible and social creatures, attackers will have ways to manipulate the human factor.&nbsp;<\/p>\n<p>&#8220;The more effective approach to both risks is a focused pursuit of secure-by-default systems in the long term, and a focus on investment in engineering defenses such as unphishable credentials \u2013 like <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/05\/02\/microsoft_google_passkeys\/\" rel=\"noopener\">passkeys<\/a> \u2013 and implementing multi-party approval for sensitive security contexts throughout production systems. It&#8217;s because of investments in architectural defenses like these that, we&#8217;re told, Google hasn&#8217;t had to seriously worry about <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/04\/29\/uk_lays_password_legislation\/\" rel=\"noopener\">password<\/a> phishing in nearly a decade.&#8221;<\/p>\n<h3 class=\"crosshead\">The problem with current tests, and possible alternatives<\/h3>\n<p>The main argument against current phishing tests is &#8220;there is no evidence that the tests result in fewer incidences of successful phishing campaigns,&#8221; said Linton.<\/p>\n<p>Some tests like those mandated by FedRAMP require organizations to reduce or eliminate existing controls to maximize the perceived impact of a failed test. This opens up a litany of issues, such as giving test subjects a false sense of the real risks and the allowlists implemented during exercises not being removed after, leaving them open for abuse by attackers.<\/p>\n<p>There&#8217;s also the increased load placed on incident responders and those tasked with triaging reports sent to threat detection teams, all while staff are left feeling unnecessarily deceived, Linton said, and he&#8217;s not alone.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The <a target=\"_blank\" href=\"https:\/\/www.ncsc.gov.uk\/guidance\/phishing\" rel=\"nofollow noopener\">guidance<\/a> from the UK&#8217;s NCSC, for example, concurs with many of the points raised by the Googler, saying they erode trust between staff and security teams, and that there are a host of reasons why a user may click on a link in a phishing test.<\/p>\n<p>Factors such as certain personality traits of a given individual may compel them to click a link and situational variables including a particularly stressful workload being managed at the time a test is issued may unfavorably skew results.<\/p>\n<p>&#8220;Employees should instead create a positive cybersecurity culture so employees feel comfortable reporting <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/04\/10\/x_fixes_url_blunder\/\" rel=\"noopener\">phishing<\/a> incidents, and in this sense, they can be a valuable early warning system,&#8221; the NCSC says.<\/p>\n<p>Linton&#8217;s idea of how these tests could be improved goes back to the notion of fire drills evolving into what they are today.<\/p>\n<p>Rather than them being delivered with deception, the fact they&#8217;re a test should be clear as day, in the same way that apartment and office blocks have posters plastered around every corner weeks before a test is carried out. They should point to a test and inform the recipient of the benefits.<\/p>\n<p>Linton&#8217;s idea of a possible alternative is considerably different compared to the tests office workers have become accustomed to over the years.<\/p>\n<p>In addition, the NCSC says a multi-layered approach should be taken to mitigating phishing attacks in a workplace:<\/p>\n<ol readability=\"1\">\n<li readability=\"-1\">\n<p>Make it difficult for attackers to reach your users<\/p>\n<\/li>\n<li readability=\"-1\">\n<p>Help users identify and report suspected phishing emails<\/p>\n<\/li>\n<li readability=\"-1\">\n<p>Protect your organization from the effects of &#8216;successful&#8217; phishing emails<\/p>\n<\/li>\n<li readability=\"-1\">\n<p>Respond quickly to incidents<\/p>\n<\/li>\n<\/ol>\n<p>&#8220;Educating employees about alerting security teams of attacks in progress remains a valuable and essential addition to a holistic security posture,&#8221; Linton said. &#8220;However, there&#8217;s no need to make this adversarial, and we don&#8217;t gain anything by &#8216;catching&#8217; people &#8216;failing&#8217; at the task.&nbsp;<\/p>\n<p>&#8220;Let&#8217;s stop engaging in the same old failed protections and follow the lead of more mature industries, such as fire protection, which has faced these problems before and already settled on a balanced approach.&#8221; \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2024\/05\/23\/google_phishing_tests\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Current approaches aren&#8217;t working and demonize security teams A Google security bigwig has had enough of federally mandated phishing tests, saying they make colleagues hate IT teams for no added benefit.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-56164","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Google guru roasts useless phishing tests, calls for fire drill-style overhaul 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google guru roasts useless phishing tests, calls for fire drill-style overhaul 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-05-23T19:06:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Google guru roasts useless phishing tests, calls for fire drill-style overhaul\",\"datePublished\":\"2024-05-23T19:06:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/\"},\"wordCount\":920,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/\",\"name\":\"Google guru roasts useless phishing tests, calls for fire drill-style overhaul 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2024-05-23T19:06:08+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Google guru roasts useless phishing tests, calls for fire drill-style overhaul\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Google guru roasts useless phishing tests, calls for fire drill-style overhaul 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/","og_locale":"en_US","og_type":"article","og_title":"Google guru roasts useless phishing tests, calls for fire drill-style overhaul 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-05-23T19:06:08+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Google guru roasts useless phishing tests, calls for fire drill-style overhaul","datePublished":"2024-05-23T19:06:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/"},"wordCount":920,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/","url":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/","name":"Google guru roasts useless phishing tests, calls for fire drill-style overhaul 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2024-05-23T19:06:08+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZlPXDR02k2aPeGYM5zZvKgAAAAs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/google-guru-roasts-useless-phishing-tests-calls-for-fire-drill-style-overhaul\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Google guru roasts useless phishing tests, calls for fire drill-style overhaul"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=56164"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56164\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=56164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=56164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=56164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}