Request a demo
case study

Celonis Mines Threat Intelligence from Phishing Training to Optimize Incident Response

Client logo
About

Celonis is the global leader in process mining. With 20+offices and 3,000+ employees worldwide, Celonis helps 1,400+ businesses reachtheir full potential through Process Intelligence.

  • Industry:Data process mining
  • Headquarters:Munich, Germany & New York City, USA
  • ·Employees:3,000 employees globally
Challenge

The Incident Response (IR) team needed more security training engagement and measurable outcomes than their static SAT tool could deliver to reduce the risk of phishing attacks and improve employee resilience.

Solution

Celonis adopted Hoxhunt’s adaptive phishing training platform for its personalized, role-based simulations and gamified elements. Within months, the IR team had multiplied user training engagement and employee threat intelligence for augmented incident response capabilities.

Key takeaways:
Featured image
  • Behavioral Change: With gamification and personalized content, Hoxhunt drove measurable behavior change that exceeded their previous awareness tools.
  • Improved Engagement and Reporting: Employees became more proactive in reporting suspicious emails, with phishing simulation reporting rates soaring to over 60%.
  • Dramatic Reduction in Failure Rate: The phishing simulation failure rate dropped from over 12% to under 2%, indicating a substantial improvement in employee resilience to phishing threats.

Incident Response Team Ownership Drives Focus on Risk Reduction

Celonis’ Incident Response (IR) team took ownership of Hoxhunt, viewing it not merely as an awareness tool but as a key component of their strategy to reduce the risk of phishing attacks. This strategic decision allowed them to use Hoxhunt’s gamified phishing simulations to target and improve specific behaviors associated with phishing breaches.

The platform’s personalized approach, which crafts phishing scenarios based on the employee’s role and department, was essential in engaging users.


"We didn’t just need another awareness tool; we needed something that could help us reduce the risk of phishing in a real, measurable way. Hoxhunt’s gamification and personalized approach made it the perfect solution for us." – Christina Barker, Senior Manager Global Cyber Defense (GCDT) at Celonis

Gamification and Personalized Simulations Drive Engagement and Results

Hoxhunt's gamification elements play a pivotal role in increasing training engagement and locking in behavior change. Employees enjoy collecting stars and achieving higher levels; this sense of competition and accomplishment led to more cautious behavior when interacting with potential phishing emails.

The personalized content is tailored to each user’s role, which makes the scenarios feel more relevant as they interact with the gamified learning experiences. The positive individual experiences coalesced to foster a more security-conscious workforce. Employees are motivated to engage with phishing simulations and micro-trainings, making them more vigilant against real threats. This approach directly contributed to a dramatic reduction in the failure rate of phishing attempts.


"Hoxhunt’s gamification element keeps people engaged, but it also creates a competitive and fun environment where employees genuinely care about gettingit right. We saw a drastic drop in failure rates as a result." – ChristinaBarker

Improved Reporting Rates and Failure Rates

With Hoxhunt, Celonis achieved a substantial increase in reporting rates—which have soared to over 60%-and-climbing—indicating that employees had become more skilled at recognizing and reporting real phishing attempts. Meanwhile, the failure rate in phishing simulations dropped from over 12% to under 4%, highlighting the program’s success in improving resilience against attacks.

This improvement not only demonstrated the effectiveness of Hoxhunt in building awareness but also supported the IR team’s goal of creating a more secure environment.

Strengthening Incident Response through Lasting Engagement

The IR team at Celonis appreciated how Hoxhunt bridged different functions across the security stack. By integrating Hoxhunt into their broader security strategy, the platform raised awareness ofphishing risks and reimagined how the IR team could work together with employees to manage those risks.

Employees now feel more empowered to report suspicious emails in training and in real situations, contributing to faster identification of potential threats. This was an unexpected yet highly positive outcome, as it fostered stronger collaboration between the IR team and the rest of the company.

"Hoxhunt has brought much-needed visibility to our IR team. Employees are more likely to report phishing attempts now that they understand the role we play in keeping the company safe. This has been a great outcome we didn’t initially anticipate." – Christina Barker

Celonis’ adoption of Hoxhunt hashelped reduced the risk of phishing attacks. By combining personalized, role-based phishing simulations with gamification, the company saw a marked increase in employee engagement, a significant reduction in phishing failures, and enhanced collaboration with the IR team. The results speak for themselves, with phishing vulnerability dropping dramatically and reporting rates rising.

It's about intelligence. After helping hundreds of companies fulfill their business potential with process intelligence, Celonis is now poised to maximize their cyber capabilities through human threat intelligence.

Want to match these results?
Hoxhunt adaptive phishing training dramatically increases training engagement and security resilience.
Request a demo
learn more

Experience Hoxhunt.
Request a demo today.

Book a demo
Watch video
During the demo you'll:
Discuss challenges you would like to solve
Discover what you are looking for in a solution
See the Hoxhunt end user experience in action
Explore the administrator dashboard, success metrics and reporting