A security awareness process
A security awareness process
As cyber threats travel at the speed of light, the user becomes the last bastion of corporate security
THE DEBRAINED RING OF THE CHAIN
In 2020, cyber attacks worldwide increased by 12%, the global value of the damage suffered amounting to 2 times the GDP of Italy as a whole. 10% of these attacks exploited Covid19, an issue with a high emotional and media impact; In this context, where no technological solution can guarantee adequate reliability in protecting one’s own data, the last bastion left to defend organisations is the user, who unfortunately is almost always also the weak link in the chain;
A family history of people and orchards crossing paths, of Italian recipes and wisdom, since 1890; When Ernest August and Maria Zuech, together with their 14 children, started cultivating fruit on their farm in Lana d’Adige, they did not know that the history of their orchards would go so far; Founded in 1890 by a family that grew up among its trees, learning to understand their times, rhythms and laws, Zuegg is today an international group with production plants in 4 countries (Italy/Germany/Russia/France) and 2 sales offices (Switzerland/Austria); A large company specialising in fruit processing, with 570 employees and still many stories to tell;
Improving the organisation’s security level by investing in user training. An increasingly challenging environment and the exponential growth of cyber threats convince Zuegg to strengthen its defence perimeter by investing in new cybersecurity projects; Thus, in 2019, an assessment process begins that highlights the need to fill a knowledge gap for users using the company’s IT systems by launching specific training courses; Zuegg strongly believes in this path and decides that its employees will not be the weak link in the security chain but the first corporate defenders against external threats;
Zuegg entrusts Eurosystem with a security awareness programme in managed service mode;
“We recognised Eurosystem’s proposal as the most suitable solution for our needs, appreciating the innovative contribution of the ProofPoint Security Awareness Training platform, the managed service delivery, and the e-learning training approach, which we preferred to classic classroom training both for organisational reasons but also for the flexible and dynamic teaching approach that best suits the working needs of our various user groups,” comments Tecla Geremia, Chief Information Officer of Zuegg SpA;
A project in several stages;
identification of user groups, degree of exposure to cyber risk, training content to be prepared
creation of annual training calendar and technical preparation of test campaigns
production analysis and final statistics on training results
management of 10 simulated phishing campaigns and 9 e-learning training modules; monthly analysis of results
A success for Zuegg and all its employees
- 80% of the users completed the entire training programme..
- 50% fewer users were deceived between the first and last simulated phishing campaign.
- 12 months for an overall and gradual improvement of all indices used by the programme to measure the cyber risk awareness of corporate users.
“We have been able to measure a very good adherence to the project, a marked improvement in testing, but above all the positive feedback from many users who, as a result of the training, finally felt safer and more aware;