The Problem

This Education client sought a visual snapshot to assist their Information Security and Infrastructure team in reporting, analysing, and extracting valuable insights.

The business aimed to better understand employee behaviour concerning phishing email interactions and identify ways to mitigate future risks. Specifically, they were interested in analysing the trends between employees who completed the relevant awareness training and those who did not and how this impacted their response to phishing emails.

The current process of gathering this information required a great deal of manual intervention. The business was looking to improve the team’s capacity to focus on the solution, prevent future risks and effectively communicate to leaders within the institution the importance of mandating training.

The Solution

Exposé collaborated closely with the business to analyse and consolidate data from three key areas:

  • Awareness Training and completion data
  • Phishing Simulation results
  • Identity Platform Resource data

We worked with the client to identify the critical information needed to strengthen their business case and capture valuable insights for future risk assessments.

The solution provided a snapshot comparison of email interactions between staff who had completed the necessary awareness training and those who had not.

Additionally, exposé successfully configured the report to display future trends as more data becomes available over time.

Business Benefit

The solution effectively integrated data from three core systems, enabling the business to promptly identify and highlight key phishing-related risks. The simplified view of completed training also offered added value, supporting future decision-making and enhancing cyber awareness.

This approach allowed the business to quickly grasp the significance of training and awareness programs, aiding in the education of staff and reducing potential risks.

The reporting tool has significantly decreased manual processing time, freeing up the team to focus on proactive risk prevention.

Furthermore, the solution demonstrated a clear correlation between training completion and interaction with phishing emails, underscoring the importance of continuous training and awareness initiatives.

The executive-friendly report provided clear visual cues, supporting the business in its ongoing risk assessments during weekly meetings and emphasising both current and potential threats.

Download our full case study here.

Previous Post Next Post