About Roosevelt Kliniek
The Roosevelt Kliniek is an institution for specialty medical care in gynecology, dermatology, cosmetic dermatology, surgery, and skin therapy. They have locations in Dutch cities Leiden, Delft, and Monster, and their team consists of 33 employees.
Challenge
“We are a healthcare organization that cares about the privacy of our patients,” says Kim van Polanen, operational manager at Roosevelt Kliniek. “That’s why a strong cyber security strategy is essential for us. We’re already covered on the technological side, but believed we needed to invest into the security awareness of our employees too.”
“Most solutions we found online were focused primarily on phishing prevention. However, we were looking for a training solution that covered a wider variety of topics, such as ransomware, password security, and so on,” says van Polanen. “As a medical institution, we have specific security measurements in place to protect patient data. This includes how we control access to our computers, the place of personal electronic devices at work, and how to act in case of a cybersecurity-related issue. So we wanted to be able to customize the training content to add that information.”
Solution
“With help from Guardey, we first set up a phishing simulation,” says van Polanen. “The Guardey team created a fake email tailored to our organization, with the HR solution we use as the sender.” Because this was a phishing test with real social engineering, more employees clicked on the fake phishing link than during their usual annual phishing tests. “These results helped us to convince our employees that regular cyber security training was necessary.”
With Guardey, Roosevelt Kliniek now trains security awareness with gamification. During weekly challenges that take up to three minutes to complete, they learn about topics such as phishing, CEO fraud, password security, and more. “Soon, we’ll also start adding our custom content,” says van Polanen.
The reactions from the team about using Guardey have been positive. “Guardey is a fun way to learn about cyber security because you’re playing a game. Other solutions we tested used a lot of long-winded videos, which made for a passive learning experience. We also felt people could easily just turn on the video and play a game on their phones until the video was over. You can’t slack off with Guardey.”
Values
Van Polanen defined three main values of using Guardey.
Custom content
“Guardey will enable us to add custom content, including our own cyber security regulations. This is key for us,” says van Polanen.
NEN 7510 compliance
The NEN 7510 directive, which was developed especially for Dutch healthcare organizations, sets a framework that implies healthcare organizations should invest in the security awareness of their employees. “With Guardey, we now also comply with this standard, which is something we highly value.”
High participation rate
“In the first months of using Guardey, we’ve had a participation rate of 95%”, says van Polanen. “It doesn’t take us much effort to convince the team to take on their weekly challenges.”
Don’t let hackers outsmart you
Make sure your organization is prepared to recognize cyber threats with Guardey. Start your 14-day free trial today.
