This study aims to improve email security against phishing attacks through user behavior analysis and data loss prevention (DLP). Phishing attacks pose a significant threat to the protection of user information and privacy, especially for individuals who are less aware of phishing emails. Their vulnerability to such attacks not only compromises their own security but also poses a great risk to the company, and can result in huge financial losses. Thus, there is an urgent need to improve security measures for users and systems.

The study uses the NIST Cybersecurity Framework (CSF) 2.0, which provides a structured approach to identifying and analyzing user behavior. A phishing simulation is then assessed to identify users who are vulnerable to phishing attacks. After the phishing emails are assessed, the DLP configuration is determined as a preventive measure. The following are the core functions of CSF as a framework that will be used:

Based on the phishing simulation conducted, the phishing emails follow almost the same pattern: they display a sender email domain that is very similar to the original. Employees are usually easily trapped if they do not read the domain carefully and immediately follow the instructions in the email body. Phishing emails typically have a business context and appear to be sent by a trusted person, such as a supervisor or a colleague from the same or a different department.

User behavior analysis is key to identifying vulnerabilities to phishing attacks. Understanding how users interact with emails can help develop effective mitigation strategies. Implementing DLP as a layer of defense can proactively detect and prevent phishing emails from reaching users' inboxes. Proper DLP configuration is critical to a successful implementation. User education and training are critical components of raising awareness of phishing threats. Equipping users with the skills to recognize and avoid phishing attacks can significantly reduce an organization's vulnerability.
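
The look-alike sender domain pattern seen in the phishing simulation can be checked mechanically before a message reaches a user. The following Python check is an added example, not code from the study; the trusted domain `example.com`, the character-substitution table, the distance threshold and the sample senders are assumptions constructed for illustration.

```python
# Added example: classify a From header by how closely its domain resembles
# the organization's own. All domains and senders below are constructed.
from email.utils import parseaddr

TRUSTED_DOMAINS = {"example.com"}  # assumption: the organization's real domains
# Assumed, non-exhaustive table of digits used in place of similar letters.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
SAMPLE_SENDERS = [  # constructed sample From headers
    "Supervisor <boss@example.com>", "Supervisor <boss@examp1e.com>",
    "hr@exarnple.com", "it@example-support.com", "news@unrelated.org",
]


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance computed with two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize(domain: str) -> str:
    """Fold visually confusable characters, e.g. '1' -> 'l' and 'rn' -> 'm'."""
    return domain.translate(CONFUSABLES).replace("rn", "m")


def classify_sender(from_header: str, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike', 'external' or 'invalid'."""
    _, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower().rstrip(".") if "@" in addr else ""
    if not domain:
        return "invalid"
    if any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS):
        return "trusted"
    labels = domain.replace("-", ".").split(".")
    for trusted in TRUSTED_DOMAINS:
        # Near match after folding confusables, or the trusted name reused as a label.
        if edit_distance(normalize(domain), normalize(trusted)) <= max_distance:
            return "lookalike"
        if trusted.split(".")[0] in labels:
            return "lookalike"
    return "external"


if __name__ == "__main__":
    for sender in SAMPLE_SENDERS:
        print(f"{classify_sender(sender):10} {sender}")
```

A distance threshold of 2 suits domains of moderate length; very short trusted domains will need a lower threshold to avoid flagging unrelated senders.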