SOURCE: Wombat Security Technologies

Wombat Security Technologies, Inc. logo

May 11, 2016 09:00 ET

Wombat Security Enables Utility Company to Reduce Phishing Susceptibility by Over 67%

Wombat's ThreatSim® Simulated Phishing Attacks Helped to Improve Security Behaviors Throughout the Organization

PITTSBURGH, PA--(Marketwired - May 11, 2016) - Wombat Security Technologies (Wombat), the leading provider of cyber security awareness and training solutions, released a new industry case study that shows how their solutions enabled a large utility company based in the western United States to reduce employee phishing susceptibility by more than 67 percent.

The utility deployed Wombat's ThreatSim® product throughout the organization in 2013 to educate and train employees as phishing attacks become more complex and common in the critical infrastructure sector. As the multi-year program progressed, the utility recorded significant improvements to phishing susceptibility, even as simulated attacks become more challenging.

The utility's baseline campaign in 2013 resulted in a 32 percent click rate. By the end of 2015, the year-to-date average was 10.42 percent, translating to a 67.43 percent reduction in susceptibility.

"We've done campaigns around conference registrations and other industry-specific events and topics in order to try to deliver emails that feel like they are a part of our line of business," said the organization's information security specialist in charge of security awareness and training. "Different topics resonate with different areas of the business, so it's helpful to be able to customize those messages." Employees were much more inclined to click on and respond to messages that were corporate in nature, a trend that was also reflected in the findings of Wombat's 2016 State of the Phish Report.

The utility used the ThreatSim product to initiate monthly simulated phishing attacks, which were paired with embedded just-in-time teaching messages known as Teachable Moments. These messages are triggered when an end user falls for a mock phishing attack, and offer tips for avoiding future phishing emails. The monthly phishing assessment schedule allows administrators to test different types of templates, threat vectors, and message styles. They have also implemented Wombat's PhishAlarm® email reporting button which allows employees to report suspicious messages to the organization's security response team.

Wombat's ThreatSim product offers multiple mock phishing templates that can be customized, provides comprehensive reporting capabilities, and has the added benefit of an intuitive interface. ThreatSim provides realistic attacks, including time-sensitive and seasonal simulated phishing emails that mimic the approach real-world attackers take.

The utility also used ThreatSim's customization capabilities to simulate business email compromise attacks, sending customized phishing messages to each of their executives based on information gathered from their social media profiles -- a practice commonly referred to as whaling. "We thought and acted the way that attackers are thinking and acting every day," the training manager said. "It was a valuable lesson for our executives to learn, and a very effective way for them to learn it."

The monthly simulated attacks and the reporting functions available within ThreatSim allow organizations in the critical infrastructure sector to get a more accurate picture of trends over time and help employees avoid phishing attacks as they get more sophisticated.

"These are the types of results that countless Wombat customers have experienced, as evidenced by the customer results we have shared in the past," said Amy Baker, VP of Marketing for Wombat Security. "If more organizations were committed, like this utility, to educating employees perhaps phishing attacks wouldn't still be on the rise." Wombat's Continuous Training Methodology has been shown to reduce successful phishing and malware infections by up to 90 percent. Their market-leading approach and award winning Security Education Platform currently helps over 1,000 enterprise organizations change employee behavior and dramatically reduce the risk of a cyber-attack.

About Wombat Security Technologies
Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS-based cyber security education solution includes a platform of integrated broad assessments, as well as a library of simulated attacks and brief interactive training modules. Wombat's solutions help organizations reduce successful phishing attacks and malware infections up to 90 percent. Wombat, recognized by Gartner as a leader in the Magic Quadrant for Security Awareness Computer-Based Training Vendors, is helping Fortune 1000 and Global 2000 customers in industry segments such as finance and banking, energy, technology, higher education, retail and consumer packaged goods to strengthen their cyber security defenses.

Contact Information