Cofense PhishMe for defense and aerospace company
Description
Background. A large multinational company was the target of relentless phishing attacks intended to steal intellectual property. With growing alarm, the company kept throwing more people, technology and money at the problem to little effect, until it concluded the answer lay in raising user awareness. For most multinational companies, the issue of “phishing” is an everyday occurrence. For our case study, the company concerned was investing significantly in technology to help defend itself; however, company managers concluded that without engaging end-users as the first line of defense they were undermining this investment.
Challenges. With 8,000 users dispersed through five continents and many other international locations, getting everyone on the same page to fight phishing seemed a huge challenge. In addition to the development of a global IT Security Awareness program, a method of assessing user susceptibility to phishing email was required.
Solutions. As it happened, the company’s North America division was preparing to test an enterprise phishing defense solution, Cofense PhishMe®, so the global security awareness team watched for the results. Pleased with the outcome, the security team knew it had found its phishing defense solution. “We looked at the success in North America and decided to deploy Cofense PhishMe for the rest of the user population,” recalls the client’s security awareness leader. In the most recent test, the company’s susceptibility measured at just under 2%, a stunning drop from 21% before deploying Cofense PhishMe, including less than 1% for employees who took the simulation bait more than once.
Business Results
Rehabilitating Chronic Offenders
The approach is working. The company’s overall susceptibility score of 2% is remarkable considering the number of users. During the last year the average score dropped to 5% from 21%. “Our feeling is that if we are below 10%, we are doing well and certainly below average for susceptibility. Nevertheless, we recognize 2% of 8,000 is still a significant amount of people, so we can’t rest on our laurels too much.”
Choice of Bait
Cofense PhishMe comes with prepackaged phishing scenarios, but customization is available. This client used a package delivery scenario in its first test because receiving a package is relatable to any user regardless of location or cultural customs. “So it’s quite a seductive piece of bait,” says the awareness leader. The company is mindful of cultural, religious and social considerations when choosing bait. The global security awareness team reviews the available scenarios, then recommends which to use next. “I very much want my international leads to have the lead on ‘bait’ selection. Rather than the corporate head office telling them what we are going to do, I ask them to suggest what we are going to do.”
Improved Reporting
Getting users to report suspicious emails is never easy, and this client’s experience was no different. “We had a process for them to follow. They had to follow a published process to ensure technical information within the email was preserved so that it could be examined by our experts. The manual nature of the process discouraged people.” “It’s easier to just hit delete because they may figure we’re a big organization and someone else has reported it already, or, quite frankly, they just couldn’t be bothered,” says the team leader. Cofense Reporter changed all that by giving users a one-click process to report suspicious emails. “So it’s just as easy as clicking a delete button.” In response, users get a congratulatory message when they spot a phishing test email. If a reported email isn’t a phishing test, they receive a thank you for helping to keep the company safe. “One of the key benefits of this approach is when running a test, reported emails are not sent to the experts – reducing their workload.”
Conclusion. The client couldn’t be more pleased with Cofense. The technology has delivered as promised, and when the company has needed help with troubleshooting or usability questions, Cofense’s tech support has proven responsive and helpful. “We’ve always found their response to be very good in terms of speed and quality.”
Details
Business tasks
Enhance Staff Productivity
Ensure Security and Business Continuity
Problems
Risk of attacks by hackers
Risk of data loss or damage
Shortage of in-house IT resources