Explore the critical role of social engineering attacks in cybersecurity and learn how to create an effective internal phishing program in this 54-minute LASCON conference talk. Discover why human elements often become the weakest link in organizational security, even when technological defenses are strong. Examine real-world examples like the Google Docs attack to understand the impact of inadequate employee training. Gain insights into developing a robust awareness program that can significantly improve an organization's resilience against phishing attempts. Learn practical strategies for measuring training effectiveness and keeping employees vigilant against evolving cyber threats.