SEPT 2016 – Like most companies nowadays, we’ve had our share of cyber incidents: virus infections, ransomwares, phishing emails, etc… . Something we’ve always knew was that most of these incidents involve some form of human error. This became even more apparent when the news reached us of the Crelan CEO Fraud, namely the CFO of the bank received an urgent request for a wire transfer from his CEO. Or so he thought it was his CEO. It was not… The impact of a single human error: 70 million €. Ok, maybe this will not easily happen to us, but still. It’s time to act, we thought.
We internally agreed that we needed cyber awareness training for all our employees, preferably including simulations where ‘human error’ occurs most (email phishing). We also believed repetition and measuring the impact were an absolute must in any awareness initiative.
An option was to do it ourselves, using the (DIY) tools available on the market. But we decided to work with Krinos, as their standard offering was just what we needed: providing a yearly campaign that included several email phishing simulations, online learning modules, input & advice around communication, and extensive reporting to all staff, IT-ers and managers.
“Krinos not only provided the tools, but also the expert services in managing the campaign end-to-end.” says Gert Beeckmans, Chief Risk & Security Officer.
With their know-how and hands-on practical ideas, we were able to smoothly kick-start in our cyber awareness program without putting too much additional workload on the organization. The first email phishing simulation gained a lot of attention inside our organization, to say the least. Everyone was suddenly very much aware, at least for a while. Results by department stimulated our management to be involved, some of them personally urged their teams to follow additional online trainings so they could score better next time.
“The online trainings offered are short, interactive and fun to do.” says Danny Enzlin, Management Advisor.
Danny continues with: ”…I was even able to spot a well-drafted financial phishing e-mail I received, having followed the Krinos training on recognizing suspicious URLs. A big bonus for us is that their Trainer platform integrates with our own Microsoft Azure Active Directory, which means our users don’t even need a separate login.”
Last words from Krinos: At Krinos we very much enjoyed working with the people of SDworx. We found that they are: open-minded, responsible, enthusiastic, down-to-earth & professional. These are all elements that make organizing an awareness campaign fun to do and efficient.