New research from UC San Diego Health and Censys exposes the startling inefficacy of conventional phishing training programs, showing only a 2% reduction in click-through rates. With phishing now the leading cause of ransomware attacks, experts urge organizations to prioritize technical controls over awareness theater.