The Challenge
For a Zurich-based building and construction company, training their employees to properly identify and prevent phishing attempts was a high priority. Like other companies, they had phishing and malware attacks in the past and wanted to prevent the growing threat from creating problems in the future.
How we solved it
With well-trained employees, you minimize the risk of a phishing attack and reduce the associated system failures, data loss, reputational damage, and costs.
The Arco IT security awareness training includes an initial simulated phishing campaign. This helped identify the percentage of staff prone to phishing attacks. In addition, Arco implemented a quarterly security awareness training and testing campaign to ensure staff was always staying abreast of new hacker methods.
In addition to the training, automated checks of the company’s email addresses against sites that track password leakage help to identify potentially compromised accounts before they get used for attacks. In this regard, operational processes were established to raise user awareness and efficiency if new accounts are potentially compromised.
RESULTS:
- Despite a significant increase of phishing attacks over the last two years, the company has seen fewer incidences of users falling prey to the attacks
- Pro-active protection of user accounts that may have been breached in cyber attacks outside the company.