Click-rate is a vanity metric — measure reporting instead
Why click-through on phishing simulations is the weakest signal you can track, and what to measure instead.
Field notes
Observations from current engagements, opinion on industry developments, and the occasional longer essay.
Token-stealing phishing kits are now commodity. What that means for your detection layer and how training has to adapt.
QR-code phishing has moved from edge case to dominant initial vector in many engagements. The implications run beyond email security.
Most awareness programmes peak in year one and decline thereafter. Three structural changes that alter the trajectory.
Most tabletops rehearse the technical investigation. The communications and decision flow — the hard parts — usually go unpracticed.
Board-level communication about awareness programme outcomes works when it is short, narrative-driven, and explicit about what to ignore.