If is the leading property and casualty insurer in the Nordic region. If offers a full range of P&C insurance solutions and services to a broad customer base, from private individuals to large corporate customers.
If operates on a pan-Nordic basis leveraging both scale and capabilities across all areas in If. If's key success factor is continuous improvement of its operations.
Having a focus on underwriting by understanding risk better than competitors, setting the right prices, and offering the best products and services, has been the strategic theme for more than a decade.
In their words:
The insurance industry at large, and cyber insurance in particular, are undergoing significant changes. Insurers and their customers are facing a systemic shift towards responsibility and accountability for one’s cybersecurity posture. Auditory, regulatory, and compliance standards are tightening and it’s more challenging to secure cyber insurance coverage and avoid liability for a breach that could compromise partners within the ecosystem.
The key to success in this complex landscape is measurable cyber risk reduction. That's different from tick-box compliance which, as the security team from If explained, is an important starting point, but does not yield actionable data for behaviour change and human risk management.
“When we talk about employees and their responsibility to the organization’s security, we need metrics to show their cyber performance is tied to corporate risk posture. I think that we at If have been spoiled by the good metrics we get with Hoxhunt, where we show the ongoing improvements in failure rate, success rate, miss rate, et cetera and then show to leadership how our risk posture has improved as a result.” -- Taif
With regulations for insurance companies to have a strong resilience program in place by 2025, If knows its employees must be trained to recognize and respond to phishing attacks, where most breaches occur. Watching the legacy SAT tools fall behind the cyber-threat landscape, If decided to lead their customers towards resilience by example and adopt a cutting-edge cybersecurity behaviour change program with Hoxhunt.
“It is no longer good enough for companies to just buy cyber insurance and ask the insurance company to accept all the risk. Companies must do something on their own end to lower the risk and put some basic foundations in place to achieve resilience and be able to show metrics that demonstrate their risk posture is good, and getting better.”—Peter
By partnering with Hoxhunt, If has witnessed a significant transformation in its cybersecurity culture and risk posture. Employees have become more vigilant and proactive in recognizing and reporting suspicious activities, as is evident from the surge in real threats being detected and reported to the threat feed.
"Hoxhunt's training not only educates our employees but also changes their behaviour and gives us the metrics to prove it." – Peter
When Microsoft Defender’s phishing simulator, a cheaper tool, was suggested as a replacement for Hoxhunt recently, the security team did a test. Hoxhunt outperformed the alternative in terms of outcomes as well as resources required to operate the program.
Not only does Hoxhunt provide individualized training with an adaptive learning model-- delivered along a gamified learning journey that people love—but the AI-native platform enables true automation. Dozens of phishing simulations and awareness modules can be delivered each year with less effort than four manual phishing tests per year.
"Hoxhunt's platform is incredibly user-friendly, and the engaging content ensures that employees actively participate in the training. It's the most effective security training solution we've ever implemented." – Taif
The collaboration between Hoxhunt and If goes beyond just training. Hoxhunt's team of cybersecurity experts works closely with If to understand their unique challenges and develop tailored strategies to address them. The Hoxhunt data gives valuable and actionable insights into employee behaviour that the security team uses to make smart interventions.
For employees and customers, the success of the Hoxhunt-If partnership extends beyond the walls of the organization. If's employees take the training home to better protect their friends and family. Customers also benefit from the strengthened cybersecurity measures, as If can assure them that their sensitive information is protected.
Through personalized training experiences, real-time feedback on reported threats, and ongoing support, Hoxhunt has enabled If to build a cybersecurity-conscious workforce and enhance its overall security posture.
"We've seen a remarkable improvement in our employees' ability to identify and report potential threats after implementing Hoxhunt. It's hands down the best human risk management solution available." - Taif