Finding a security awareness provider

Studies from Stanford University show that about 88% of all successful cyber attacks and data leaks are due to human error, and about 43% of working-age people admit to having made mistakes that compromised their company’s cybersecurity. To reduce the number of such mistakes, companies are increasingly looking to train their staff on potential cyber risks.

How our tendering significantly strengthened the employee awareness of a major automotive supplier

What we were faced with

Our customer, a German automotive supplier with 10,000+ employees experienced phishing attacks frequently, with very low participation in cybersecurity trainings

Learn more

How our team helped

We identified the company-specific requirements and supported the selection of th.e most suitable service provider through an anonymous RFQ

Learn more

What we achieved

Through our in-depth market analysis and the selection of a qualified provider, the click rate of a potentially dangerous mail could be reduced by a factor of 5 after a short time period

Learn more

Perspective from one of our experts:

“It’s harder to solve than just rolling out another awareness campaign or issuing more policies, but I believe good security is built upon the psychological safety to discuss dilemmas and a learner mindset to challenges and incidents.”

Read the whole interview

Clare Patterson

Former CIO of Shell Energy

Challenge

Regular phishing attacks

A large German automotive supplier experienced regular phishing attacks in the past period. Despite a basic awareness offering for its employees, participation in cybersecurity training was very low. This posed major challenges for the company’s internal IT-security.

Find out how you can increase your security through awareness trainings

Learn more

Approach

Key requirements and anonymous RFQ

Our customer asked us to increase the participation rate in awareness trainings in order to reduce the click rate of phishing emails as quickly as possible. We first began with the identification of the company-specific requirements. On this basis, we selected three suitable providers based on seven criteria through a detailed market research. We especially focused on the simplicity of integration into existing systems and applications. We then created an anonymous RFQ among potentially suitable service providers and supported our customer in selecting the most adequate tender.

The CyberCompare method:

Determination of customer-specific security requirements
Preselection of suitable providers
Anonymous tendering
Individual recommendation of appropriate suppliers

Effect

Reduced click rate due to increased awareness

Based on our customer’s requirements, we contacted three qualified and suitable providers for awareness trainings. We organized a supplier presentation, transparently discussed all details with our customer and made a recommendation. Thanks to our expertise and our verified provider network, our customer was able to select the most suitable provider. The implementation of different awareness trainings increased the acceptance of the measures and encouraged the sensitization in the company. After only a short time, the click rate of phishing mails was reduced from 50 % to 10 %.

Make a free appointment to compare awareness/ phishing providers, tailored specifically to your requirements

Make an appointment now

Simeon Mussler

COO Bosch CyberCompare

+49 (0)711 811-19893

Simeon.Mussler@bosch.com