Schedule a Demo
Back to cases overview

How Oké Groep trains cyber awareness with gaming

About Oké Groep

The Oké Groep is a multidisciplinary maintenance company. They specialize in architectural maintenance, cleaning and asbestos removal in the Greater Amsterdam and South Holland region in the Netherlands. With 100 of their own employees and several subcontractors, they are a major player in the market and take care of clients from various sectors including housing corporations, healthcare institutions and schools on a daily basis.


After receiving a lot of phishing emails, Oké Groep decided to do a phishing test last year to test the cyber awareness of their employees. During this test, they sent fake emails to see how many would click a possibly harmful link. The result? 29.4% did, which was higher than expected. Even though they offered cyber awareness training via an e-learning tool, many of Oké Groep’s employees still weren’t equipped to recognize a cyber threat that could lead to a data breach.

That’s when Oké Groep knew they had to look for a better way to train their employees to become more aware of cyber threats and act accordingly.


One thing that stood out in the feedback that Oké Groep got from its team was that the cyber awareness training wasn’t effective. The e-learning material was dense and was full of long-winded and boring material. It was hard to take in that much information all at once. With only one training a year, it was even harder to retain all the information.

To offer cyber awareness training that was more engaging and recurring, Oké Groep introduced Guardey. Guardey uses gamification to train cyber awareness with weekly challenges that take up to three minutes to complete. It’s a fun way to learn about complex topics and it builds knowledge retention over time. There is a leader board that shows employees how well they’re doing compared to their team members, which adds a fun element of competition.


After using Guardey for only a few weeks, three main values were defined:

Improved knowledge retention

Employees note that they feel more confident that what they’re learning sticks with them because they are doing a short challenge every week.

Increased engagement

The team is excited to do the challenge every week and see who is on top of the leaderboard.

Better phishing test scores

When Oké Groep did another phishing test recently, the scores had improved by 84%.

Frequently Asked Questions

What is gamification?

Gamification is adding game elements into non-game environments, such as security awareness training, to increase participation and foster active learning.

What are the benefits of gamification in security awareness training?

Traditional security awareness training can often be dry and boring. With gamification, the complex subject matter is transformed into an engaging and memorable experience.

By integrating game elements such as challenges, quizzes and rewards, it incentivizes users to actively learn. This makes the training more enjoyable and fosters a sense of competition and achievement. This combination drives better retention and application of cyber security knowledge.

Why is it important to train security awareness on a weekly basis?

Research shows that up to 90% of the learnings from yearly or even quarterly training are forgotten within a few weeks. Guardey was built to keep its users aware of cyber threats 365 days a year. The game comes with short, weekly challenges that slowly builds up the user’s knowledge and eventually drives lasting behavior change.

Which topics are covered in Guardey’s security awareness game?

Guardey covers a wide array of topics to train users about all currently relevant cyber threats, put together in collaboration with ethical hackers and educationalists. The topics covered include phishing, remote work, password security, CEO fraud, ransomware, smishing, and much more.

How much time do the weekly challenges take?

Every challenge takes up to three minutes to complete.

Can I use Guardey to comply with the ISO27001, NIS2, and GDPR security awareness policies?

Yes. ISO27001, NIS2, and GDPR all require that all employees receive appropriate security awareness training. Guardey is always up-to-date with the latest cyber threats, policies, and procedures.

Is security awareness training important for all employees, or just specific roles?

Cybersecurity awareness training is crucial for all employees, not just specific roles. Every staff member can potentially be a target or an unwitting entry point for cyber attacks. Training helps create a security-focused culture and minimizes risks for the entire organization.

While certain roles may require specialized training, a foundational level of training should be accessible to everyone.

In which languages is Guardey available?

Guardey is available in English, Dutch, Italian, French, Spanish, German, Polish, Swedish and Danish.

Want to ask more questions?
Get a personal demo

Get the latest resources & news, delivered directly to your inbox.

Anouk CTA Guardey website

Let's protect your business!

  • Try completely risk free
  • 24/7 support
Start 14-day free trial