The benefits provider’s IT team developed and delivered a comprehensive, organization-wide security awareness and training program that leverages the benefits of our Continuous Training Methodology and includes regular phishing simulations and knowledge assessments, quarterly employee training assignments, consistent tracking and biannual reporting, and regular reinforcement of key principles.
After one year, the organization’s click rate had fallen from 20% (established in the POC) to 5%. Just prior to hitting the 15-month mark, the lowest click rate was registered at 2%, which is an 89% reduction in susceptibility. In addition to numerical results, the association has recognized administrative and organizational advantages from the program, including simplified Board reporting and external auditing.
Overall, the association is focused on delivering a program that tests susceptibility to different phishing threat vectors — like malicious links, attachments, and data entry requests — and helps drive measurable improvements over the long term. The important thing, the IT systems manager noted, is for the organization to continue to get a better understanding of where its vulnerabilities lie and work to manage end-user risk.
For an in-depth look at how this and other customers have lowered their susceptibility to phishing attacks, as well as their rates of malware infection and frequency of IT helpdesk calls, visit our website.
Subscribe to the Proofpoint Blog