case study

How Swiss aviation company, Pilatus reached new cybersecurity heights with Hoxhunt as their co-pilot

Client logo
About icon

Founded in 1939, Pilatus Aircraft Ltd develops and produces the world’s most unique aircraft: from the legendary PC-12, the best-selling single-engine turboprop in its class, to the PC-7 MKX and PC-21 and associated simulators, the market-leading systems for pilot training. The brand-new PC-24 is the world’s first ever business jet designed for use on short unprepared runways.

Industry: Aviation

Location: Headquartered in Switzerland, with offices in Australia and USA

Employees: 2,300

Challenge icon
With data breach and IP theft a major concern, the innovative airplane manufacturer sought an automated awareness tool centered around threat reporting.
solution icon
An ICT consultant selected Hoxhunt for its automated phishing simulation platform and hybrid customer service model; the IT team hasn’t looked back since, maintaining soaring results in user performance and threat reporting.
Key takeaways:
Featured image

“It doesn’t take much effort from our IT and security team because Hoxhunt is distributing the emails and managing the simulations and doing a lot of other things we’d have to otherwise do, like leaderboards and threat analysis.”


“I think the training just speaks for itself. The simulations are really well made and people learn from them. We are really happy with how it’s going.


“I’m really happy with your support and partnership. What I really appreciate is the support I get from Hoxhunt: (Customer Success Manager) Minttu always gives me the latest numbers and discusses with me what to do and guides me on what can be the next steps. It didn’t take too much for us to get this whole thing started and it doesn’t take much to keep it running.”


“I think it’s a good product and I recommend it to others, especially because of the support.”


--Pascal Odermatt, Project Manager ICT & Services


Pilatus boasts some of the most impressive performance metrics we’ve recorded in terms of user engagement and fail rate. Their perfect 100 resilience score—an organizational risk metric that divides engagement rate by fail rate--is a unicorn. A score of 12 is considered satisfactory, 16 is excellent, and 20-and-up is rarified air. 100 is literally off the charts. It’s an aspirational achievement.


  • Resilience score: 100
  • 92.5% onboarding rate for whole company
  • 85% engagement rate for whole company
  • 0.85% fail rate
  • Fail rate has dropped from 12% at baseline to 0.85%; stellar progress!
  • Major security culture boost


Why Fly with Hoxhunt?

Pilatus wanted a co-pilot who could put the cybersecurity awareness journey on autopilot. Employees at the Swiss aviation company interact with sensitive data on a daily basis; data breaches are a major concern, and the human layer is the biggest risk. The company wanted people to know how to recognize and report a suspicious email instinctively.

Previously, the aviation company administrated a manual cybersecurity awareness and phishing simulation program that was too resource-intensive. While they had a phishing-and-spam reporting button, it just sent emails to service desk. They wanted more. An Information and Communications Technology consultant recommended Hoxhunt for its:

  • Automated phishing simulation platform, which demands minimal resources from IT
  • Threat reporting button, and its link to SOC team
  • Elite customer success model
  • Fun, positive user experience

“Before Hoxhunt, threat reporting and security training was completely a service desk function. The Security officer had to do all the simulation phishing emails and it took a lot of time and resources. So, we wanted your simulations to free up resources on our side. We wanted to train our employees about phishing and give them awareness about cybersecurity. We wanted to prevent a phishing breach.” --Pascal Odermatt, Project Manager ICT & Services


Happy crew and passengers

Hoxhunt has been a significant culture-booster. Employees, IT and leadership alike, said Pascal, are happy with the Hoxhunt security training program. People talk about the phishing simulations in the halls, and send him emails about how they can obtain more stars to push their way up the Hoxhunt leaderboards. Threat reports have skyrocketed, much to Pascal’s delight. Hoxhunt helped instill a vibrant security culture at the company. People care about how their phishing performance measures up against their peers and protects their organization. That general enthusiasm shines through the performance metrics as well as Pascal’s inbox.

“Normally here in IT, if everything works well you don’t hear anything from our users. You just hear stuff in IT if something is not working. That’s why it was weird to hear other people talking about Hoxhunt and saying good things. They were actually saying, ‘Oh, did you see that phishing email?’ I hear people talking about it at the restaurant.”

Ace co-pilots

Pascal noted several features of the Hoxhunt training experience that appeal to him and his co-workers:

  • Design: It’s a fun and simple program to interact with
  • Leaderboards: He and his colleagues like the healthy competition on their cybersecurity performance. They often talk about how they can get more stars and raise their shield rankings.
  • Hoxhunt reporting button: This is perhaps the single most important feature. The threat reporting button is easy to find and use, and real threats are analyzed and dealt with in real-time by the SOC team
  • Outlook: Integration is seamless
  • Simulations: They are well-made and actually get harder, which makes it more interesting

But what is most appreciated about Hoxhunt? Several times, Pascal circled back to the managed service component. He heaped praise on the customer success team for how effectively they steward the program with quarterly meetings and excellent email response times.

“I feel like it’s in good hands. If there’s an issue I send it to support and the problem is solved within 24 hours. I appreciate the communication aspect and that’s a big reason why we chose you.”

“I think it’s a good product and I recommend it to others, especially because of the support.”

 Also impressive is the fact that Hoxhunt actively seeks out feedback, which makes its way back into the product, he said.


Born to fly

So, how did Pilatus achieve such rare cybersecurity culture and performance heights? What is Pascal’s secret? Pascal laughed and said he was surprised himself that his company’s cybersecurity performance was so comparatively excellent. They didn’t have an intensive onboarding program, or a mandatory participation policy, or anything else like that. Perhaps, he said, their users were already quite security-conscious due to their industry, and had been prepared with the service desk reporting button before Hoxhunt. But ultimately, he thought Hoxhunt deserved the credit.

“I think the training just speaks for itself. The simulations are really well made and people learn from them. We are really happy with how it’s going.”