Become a Partner
Back to cases overview

A conversation with EyeOn: boosting security awareness with gamification

EyeOn's cybersecurity week winners.

We spoke with Dan Roozemond, data science lead at EyeOn, about boosting the security awareness of employees with gamification — and how he organized a cyber security week to get the entire team aligned with the importance of cyber security.

Dan, can you tell us a bit about EyeOn and your role?
Absolutely. I’m Dan, data science lead at EyeOn. EyeOn helps large companies, on an international scale, with supply chain challenges in planning , forecasting, and more. We have about 100 employees in The Netherlands, Belgium, Germany, Switzerland, Ireland, and the United States.

Can you explain why cyber security is important for EyeOn?
We need to protect our daily activities as well as we can. That is essential for us. We have access to a lot of confidential customer data. Our customers trust us with that data and we can’t let them down.

A fundamental principle for security is having the right policies in place and ensuring our daily behavior is in line with those. Last year, we invested a lot of time and effort in bringing our security to the next level. An example is aligning the organizational processes to become ISO27001 certified. If everything goes according to plan, we will receive the certificate at the start of 2024.

Why did you decide to organize a cyber security week?
It’s twofold. On one hand, we wanted to organize a fun and interactive way to increase security awareness among our entire staff.

But it also has something to do with our ISO27001 certification: being certified comes with many responsibilities for our employees. This means we have to make our staff aware of cyber threats and be able to show that we’re doing enough to do so. That’s how the idea came about to organize a cyber security week.

Sounds great! How did it go?
We started every day with an interview of 15 minutes and called that the safety catch-up. Every day had a specific theme. The first one was called ‘from desk to destination’. This was all about security measures during traveling, such as using a safety screen, storing your laptop safely, and so on. Another theme was all about confidential data, which is what we called ‘how to not get in trouble with the SEC’.

On the third day, we talked about cyber security threats such as CEO fraud. On the last day, we talked about the importance of our ISO27001 certification and articulating its value to our customers and prospects: Because our customers are asking about it, it’s important to show them that we take that seriously.

Each day, we came up with challenges that employees could take on to score points. During the confidential data theme, employees could score points by cleaning up their downloads folder. At the end of the week, we rewarded the winners with a big trophy and a small gift in the form of a chocolate key.

What role does Guardey play in making employees at EyeOn more security aware?
Our employees play Guardey’s weekly challenges to learn more about cyber security. During the cyber security week, you could score the most points by taking on Guardey’s challenges. In the game, you can make money for your fictional company by answering questions correctly. That money all counted as points during the cyber security week.

How did the employees respond to all the activities?
The responses were great. The team was proactively involved, attended the daily sessions, and also took on the challenges. It made for a good vibe within the company. The team enjoyed playing the Guardey game and many felt compelled to keep playing it, which is a great sign.

I already noticed the effects a couple of days after the cyber security week. People are pointing out security issues that they didn’t spot before. It shows that they are becoming more aware of the importance of security.

How did EyeOn make it happen?

Here’s what EyeOn did to successfully introduce the importance of cyber security within the organization.

Offer weekly training via Guardey
By playing Guardey’s security awareness game, employees learn about cyber security in 3-minute challenges. Over time, this drives lasting behavior change.

Organize a cyber security week
To get the team onboard, EyeOn organized a cyber security week that got the entire staff excited to learn more about cyber security.

Don’t let hackers outsmart you

Make sure your organization is prepared to recognize cyber threats with Guardey. Start your 14-day free trial today.

Frequently Asked Questions

What is gamification?

Gamification is adding game elements into non-game environments, such as security awareness training, to increase participation and foster active learning.

What are the benefits of gamification in security awareness training?

Traditional security awareness training can often be dry and boring. With gamification, the complex subject matter is transformed into an engaging and memorable experience.

By integrating game elements such as challenges, quizzes and rewards, it incentivizes users to actively learn. This makes the training more enjoyable and fosters a sense of competition and achievement. This combination drives better retention and application of cyber security knowledge.

Why is it important to train security awareness on a weekly basis?

Research shows that up to 90% of the learnings from yearly or even quarterly training are forgotten within a few weeks. Guardey was built to keep its users aware of cyber threats 365 days a year. The game comes with short, weekly challenges that slowly builds up the user’s knowledge and eventually drives lasting behavior change.

Which topics are covered in Guardey’s security awareness game?

Guardey covers a wide array of topics to train users about all currently relevant cyber threats, put together in collaboration with ethical hackers and educationalists. The topics covered include phishing, remote work, password security, CEO fraud, ransomware, smishing, and much more.

How much time do the weekly challenges take?

Every challenge takes up to three minutes to complete.

Can I use Guardey to comply with the ISO27001, NIS2, and GDPR security awareness policies?

Yes. ISO27001, NIS2, and GDPR all require that all employees receive appropriate security awareness training. Guardey is always up-to-date with the latest cyber threats, policies, and procedures.

Is security awareness training important for all employees, or just specific roles?

Cybersecurity awareness training is crucial for all employees, not just specific roles. Every staff member can potentially be a target or an unwitting entry point for cyber attacks. Training helps create a security-focused culture and minimizes risks for the entire organization.

While certain roles may require specialized training, a foundational level of training should be accessible to everyone.

In which languages is Guardey available?

Guardey is available in English, Dutch, Italian, French, Spanish, German, Polish, Swedish and Danish.

Want to ask more questions?
Get a personal demo

Get the latest resources & news, delivered directly to your inbox.

Anouk ter Harmsel

Let's protect your business!

  • Try completely risk free
  • 24/7 support
Start 14-day free trial