Security awareness training for an IT services company

Security awareness training for an IT services company

Key challenges

With more than 2500 employees, this global IT Services company is usually a target of social engineering schemes. Working with international clients around the world, our client is entrusted with highly confidential data including financials, strategic and audits reports. The integrity of our client’s information system and the security of its data is a must, hence leaving no room for errors and potential leaks.

Our client has had previous experience with internal incidents linked with physical security. Although the employees received a training upon their onboarding, the client had noticed several misconducts and decided to ask for our support to increase awareness and encourage the adoption of good reflexes in a more impacting way.

Our approach

Following the requirements of the client we conducted a security awareness training in 3 phases consisting of:

Benefits

The conclusion of the post security game reports have shown that we had substantially reduced the risk of real social engineering attacks. The employees and management teams have formulated their satisfaction regarding the entertaining and unique training format. Indeed, 75% of employees have declared that this experience had changed their vision of security. The concerned departments are now aware of the most common threats targeting their company and are educated on the methods and processes to spot, avoid and report social engineering attacks.

I finally understand what social engineering is and how to protect myself from it.