<p>Organizations often shy away from including phishing in their security testing, primarily because it's difficult to get reliable statistics. However, by employing a tagging process, testers can map sent e-mails to received responses and build useful reports. Additionally, this information can be used to develop knowledge of social roles in the organization and to identify useful targets.</p>
<p>Sean Palka, an Associate at Booz Allen Hamilton, has contributed as a reviewer to the IEEE Transactions on Pattern Analysis and Machine Intelligence and has published a paper on biometrics vulnerabilities for the IEEE Conference on Biometrics: Theory, Applications and Systems. Mr. Palka has professional experience in a variety of fields, including software development, cryptography, and airspace information management. Mr. Palka currently works as a penetration tester and wargame scenario developer.</p>