A Scandinavian transportation provider required assistance in the formulation of a request for proposal (RFP), and subsequent coordination and implementation of awareness software. The software specifically aimed to improve the information/cyber security awareness and culture of the client company. This would be achieved through a successful implementation and use of the awareness which employed functions within areas such as phishing-campaigns, training, competitions, and other.
WHAT WE DID
Christian supported and coordinated the formulation of the ‘request for proposal’ in collaboration with client SMEs and procurement. Having acquired the software, Christian was responsible for the coordination and management of implementation activities. The scope of the project included the deployment of a phish-alert-button (PAB) on all endpoints with a Microsoft email client, baseline of the initial awareness-level, integrating the Active Directory (AD) with the awareness platform, and whitelisting of faux-phish-emails in the client’s newly acquired email threat protection (ETP) system. Additionally, the software’s visuals were configured to match the company’s corporate visual identity. The deployment of the phish-alert-button (PAB) specifically was handled in conjunction with communication experts (handling the first awareness campaigns) and roadmaps were to ensure that there were no bottlenecks on the technology side nor any miscommunications to the employees of the client organization.
The successful implementation of the awareness software system resulted in an improvement of the client’s security posture. This was achieved mainly through the active and continuous adjustment of employee behavior trough training, competitions, and campaigns as well as enabling them to ‘sound the alarm’ in case of a phishing attempt (using the PAB).