
PhiShield: Design and Implementation of a Web Platform for Cybersecurity Awareness Programs

Federico Ciminelli

PhiShield: Design and Implementation of a Web Platform for Cybersecurity Awareness Programs.

Supervisor: Andrea Atzeni. Politecnico di Torino, Master's degree course in Cybersecurity, 2025

License: Creative Commons Attribution Non-commercial No Derivatives.

Abstract:

Cybersecurity awareness is a fundamental component in strengthening an organisation's security posture. It rests on two main pillars: the first involves conducting social engineering attack simulations (e.g. phishing campaigns) to evaluate and enhance users' aptitude for responding to real-world threats, while the second focuses on learning programs designed to improve users' cybersecurity knowledge. The final goal is to strengthen their ability to recognise, assess and respond to potential hazards they may encounter in real environments. Although cybersecurity awareness plays a crucial role and requires continuous assessment and improvement, the software solutions currently available to support organisations are often not fully adequate to meet the specific needs of awareness programs. In particular, considering the two main categories of solutions on the market, open source and commercial, a significant percentage of existing applications provide highly sophisticated functionality for phishing simulation activities while offering limited support for learning initiatives, which very often must be integrated through external tools, such as Learning Management Systems (LMS), or, even worse, are completely ignored. This project aims to address this gap by introducing a prototype solution, PhiShield, an open source platform designed to integrate both aspects of security awareness. The system is composed of two main modules, training and learning, which operate together to deliver high-quality cybersecurity content and assess users' abilities with fully customisable simulations. PhiShield has been developed to function as a highly automated and reliable environment, allowing cybersecurity specialists to set up awareness programs using a simple and efficient process while monitoring users' performance in real time via dedicated dashboards.
Furthermore, this work addresses the potential integration of Large Language Models (LLMs) into the platform, analysing both their benefits and limitations. As discussed in recent research, LLMs can be leveraged to generate behaviour-based cybersecurity content, making the system context-aware with respect to both simulation characteristics and user performance and enabling the automated creation of personalised training materials. The platform was tested in a real-world environment involving a small yet heterogeneous group of users, who were engaged in various phishing campaigns and asked to provide critical feedback on the learning module. Finally, potential enhancements and future developments of the platform are critically examined, with the aim of improving its overall capabilities and increasing PhiShield's relevance for real-world companies and organisations.

Supervisors: Andrea Atzeni
Academic year: 2025/26
Publication type: Electronic
Number of pages: 86
Subjects:
Degree course: Master's degree course in Cybersecurity
Degree class: New organisation > Master's degree > LM-66 - COMPUTER SECURITY
Collaborating companies: NOT SPECIFIED
URI: http://webthesis.biblio.polito.it/id/eprint/38690