Case Study – Cyber Security Testing & Training

Our client invests in, refurbishes, and develops properties for retailers. They have 10 employees, who use the Microsoft Office 365 suite, managed backups, and our Untangle firewall solution. They work out of a modern open office space.

We were approached by one of the directors of the company when onsite giving training to staff. They felt like their staff’s cyber security knowledge was lacking. As they are a business that deals in a large amount of money handling and private information want their staff to be on the top of their game when using any tech. They asked us for a way of testing their staff’s knowledge and providing tuition to better their Cyber Security Expertise.

We recently began using a new cyber security platform for the exact reason this director had asked, proving cyber security testing and training to our clients. We have developed an internal road map starting with a 2-month trialling period. During this period we use our Phishing tool too highlight which staff are liable to fall for fakes. We set these up using official license pages from large companies like Microsoft (SEE IMG1) and Amazon (SEE IMG2). From here we then send these out to the users in the company and we can see the clickthrough rate, whether they’ve opened the website and if they’ve put any details in (SEE IMG3).

This platform also allows us to perform a Dark Web Scan. This scan shows us if any accounts signed up for with work emails have been compromised, where they were compromised and what information was leaked. For this company, some of the results were especially concerning (SEE IMG4).

From all of these results so far we can then use our tuition portal within the platform to provide training to each user. They first take an entry test, which uses a security and training algorithm to find out the user’s weak points. From these results and the results from our dark web and phishing tests, we can provide tailored tuition. As you can see there is an expansive list of courses and there are only a few available. (SEE IMG5).

In our final meeting after the trial we also plan to look over the company’s policies, this platform has a large range of policy management and creation tools from Password policies to Clean Desk Policies. If any areas are highlighted as not being documented we can help get those policies in place and ensure that all staff are aware and acting within the business’s best practices.