In this section, two phases employed in producing the benchmark result of the best security policy in
thwarting spear –phishing in BYOD is presented. Phase 1 is the step in which risk quantification of the
severity of sub-attack which leads to spear phishing is done. Overall, based on literature, APT sub-attacks
method are social engineering, Pass-the-Hash (PtH) attack, SQL injection, waterhole attack and spear phishing. The attack with the highest severity is then used as an input to for preventive security rules
in different security models discussed above. This is done in phase 2.