Case study

Case Study: How a global packaging company uses Hoxhunt to protect themselves against social engineering attacks

About
HQ in Austria
20+ Sites in 10+ Countries
Challenge
The customer wanted to find a way to give their employees a sustainable way to learn how to protect themselves and the company against social engineering attacks.

One of our customers is one of the leading providers of packaging solutions in Europe with employees in more than 20 sites in over 10 European countries. The customer provides their packaging solutions for the food, pharmaceutical, cosmetic and hygiene industries.

Their mission is to offer innovative, efficient, and sustainable packaging solutions tailored exactly to the requirements of their customers.

Reliability is one of their core values and the company has always focused on being able to deliver results to their customers when they need it. With the growing amount of sophisticated cyber-attacks that have caused havoc in the manufacturing industry, they set out early on a mission to secure their employees and their production facilities.

Challenge

As the company had been growing rapidly and expanding their physical presence geographically, the management and consolidation of the heterogeneous IT infrastructure was becoming increasingly complex.

An equally important part of the security puzzle are their employees. Social engineering attacks such as phishing attacks were becoming more common and they wanted to find a way to give their employees a sustainable way to learn how to protect themselves and the company against such attacks.

Part of the challenge was that they have a distributed workforce in several countries speaking several different languages. This presented a large surface for attacks. The phishing attacks also were getting better, they received attacks in the native language in even the smaller regions.

They wanted to find a solution that could give the employees the right skills and attitude needed to develop a strong cyber secure culture. They were searching for a solution that could personalise the training based on the location and roles of their employees. As their IT and security organisation already has their hands with integrating the growing group, they needed a solution that could take care of the training without needing too many resources from the existing internal IT team.

Why Hoxhunt?

The company decided to choose Hoxhunt as the solution of choice as it is able to scale across their multiple current and future locations without creating additional load on the IT and security teams. They liked Hoxhunt’s way of delivering education and awareness as part of the employees’ everyday workflow, as they had previously seen how difficult and time consuming it was to provide relevant training content in an engaging way.

The main objective for them was to make sure that their employees would know how to detect phishing emails and would know how they need to react. One of the key reasons they chose Hoxhunt was that they liked the employee-first approach of the Hoxhunt solution. Their vision was that cyber security training should be positive and rewarding instead of negative and penalising matched well with how Hoxhunt had built the solution.

With Hoxhunt they were also able to streamline the reporting process of actual threats that the employees across different locations were seeing. This gave the security team an overview based on data of how employees were responding to the simulated attacks.

Solution and results

The customer has been using the Hoxhunt solution for 5 months now and the results have already been outstanding. They’ve been able to strengthen their cyber security culture and have seen that the engagement rates on how people react and participate in the training are much higher than what they have seen with other tools or educational platforms before.

The onboarding and GoLive of Hoxhunt was completed within 2 weeks, including technical implementation and the pre-launch communication to end-users. The Hoxhunt customer success team worked closely with the customers team to support them through the implementation process.

They have already seen a great impact in user behavior and how it has shifted to employees being much more aware. Best of all, employees have learnt how to report suspicious emails with the help of Hoxhunt. The continuous learning that the Hoxhunt platform provides and the fact that users get simulated attacks depending on their level of awareness, results in a solution that will create a sustainable protective shield for the customer.

Reporting

The customer has been able to utilize the reporting that comes with Hoxhunt. This has given them visibility to how their users are engaging with the training, how the resilience of the organisation is evolving and what kind of real threats are being reported.

After they implemented Hoxhunt the users started reporting emails more and their visibility increased so that now they are aware of what kind of attacks are threatening their organisation. With this information they’re able to prevent and stop potential threats with a very short response time. This saves the IT security team resources as the manual work is reduced significantly, leading to increased focus on threats that require immediate action.

About Hoxhunt

Hoxhunt turns your employees into your strongest asset in cyber security. We’re relentlessly focused on empowering your employees to shield your organisation as an active last line of defense. We work with multinational companies such as TomTom, Nets and Fortum. If you want to see how we can help your company defend against phishing attacks, schedule a demo or contact us at [email protected]