Customer Success
A case study - How customers benefit from awareness training
As a leading provider of multibank-capable online and mobile banking solutions in Germany, Star Finanz operates in the highly-regulated environment of the financial sector. The company frequently deals with sensitive financial and transaction data of end customers and companies. In order to protect these from spear phishing, internal security training for employees has already been carried out in the past.
To protect this sensitive customer data from phishing and spear phishing attacks, Star Finanz had already established an IT security strategy. In addition to technical security measures, such as spam and phishing filters and firewalls, security awareness training was conducted for employees. These included monthly blog posts and meetings on acute awareness topics, in which all company departments participated. Each training session concluded with a knowledge test.
"But it soon became clear that internal training was no longer sufficient to sustainably protect our company from increasingly sophisticated spear phishing attacks," reports André Haase, Senior Security Architect at Star Finanz. "So security management decided to put the issue in professional hands."
More than a Campaign
These phishing simulations use real company and employee information to recreate authentic attacks. If an employee falls for a simulated attack, he lands directly on an interactive explanation page. There, he is shown what suspicious features the email contains: from letter misspellings in the address line to fake subdomains and dubious links.
"Spear phishing simulations are extremely effective because they use an employee's 'most teachable moment' to make him aware of his misconduct," emphasizes André Haase. "It is precisely then that this employee is particularly receptive and internalizes the newly learned information in the long term." To date, simulated spear phishing attacks and e-training sessions are continuously conducted for Star Finanz employees. "Great learning progress has been made in the process and the security level of the workforce has increased significantly," André Haase, Senior Security Architect at Star Finanz, sums up.
For data protection reasons, it is very advantageous for Star Finanz that customer information is processed in Germany. This means that all training measures are compatible with the EU-DSGVO. Furthermore, by using the recognized security measures of the Security Awareness Suite, the company can set an important course for a possible ISO 27001 certification. For André Haase, there is no question that the Security Awareness Suite will remain on board permanently in order to achieve a sustainable effect of the awareness trainings.
Strong together against threats
"Thanks to the full-service offering, we were able to achieve significant learning progress without having to worry about managing and implementing the security awareness training. In order to achieve a long-term and sustainable effect, we decided to make the campaigns permanent."
André Haase - Senior Security Architect - Star Finanz
Prepare your staff for the challenges of the digital world.
Book an appointment with one of our awareness experts now.