We talked to Rolf Kapitein, head of automation at Probedrijven, about how they improve security awareness with Guardey. He told us why Guardey is crucial for compliance with information security directives, how the gamification motivates employees to learn, and how he uses the monthly progress reports to put security awareness on the board meeting agenda.
Rolf, can you tell us a bit about Probedrijven?
Probedrijven is a social and sustainable company with the goal of making work accessible to all. We create opportunities for people to learn a craft of get work experience. We do this for 3 municipalities in Kop van Noord-Holland. Currently, we have about 700 employees ā 80 of them in the office.
Why is security awareness training important for Probedrijven?
We have taken a lot of measures to keep our data as safe as possible. Spam filters, phishing filters, two-factor authentication, you name it. We also did a phishing test earlier, which showed us that about 10% of our employees clicked the phishing link and some of them even filled in personal data. Weāre usually able to filter a lot of these phishing mails, but a small percentage of the phishing still makes it through, which puts us at risk.
We presented the results of the phishing test to the company to improve the awareness of cyber risks. But we only did that presentation once. And people who joined the company later on didnāt get to see it. Besides that, how much of what is said during a one-time presentation still sticks with you a few months later? We want our employees to constantly be aware of cyber threats.
Thatās why we started to look for an accessible solution to improve security awareness and cyber risk recognition. And thatās how we found Guardey.
Why did you decide to choose Guardey over other solutions?
We were looking for a solution that offers recurring and measurable training. Thatās a hard requirement for us. We work for the local municipality, and in the Netherlands, all government bodies need to comply with the national BIO information security standard. The BIO standard requires you to actively train your employees on security awareness.
We didnāt want a security awareness training solution that felt like an obligation or was too time-consuming. We understand that our employees are busy. With Guardey, people can decide when they want to learn. And it only takes them a few minutes of their time.
How are the employees reacting to playing Guardey?
People are enjoying the gamification elements of Guardey. When you start the game, you have to start your own fictional organization. By doing challenges, you can earn money for that organization and rise on the company leaderboard. Many of us are curious about who is who and it sparks up conversation. People are learning new things about cyber security, Iāve often heard āI didnāt know thatā over the past few months. Many colleagues are even playing the bonus challenges, just to beat their colleagues on the leaderboard.
Iām also playing Guardey myself, and Iāve had plenty of questions that took me a while to answer. So itās valuable practice for anybody, whether youāre experienced in this field or not.
How are you monitoring and measuring learning progress?
Every month, we get a report on the learning progress of all users. Here, you can see how the users are performing compared to a global average, what the participation rate is, and so on. We see that weāre currently performing close to average, so thatās very reassuring. Not only for me but also for the board. The monthly Guardey report has even become a part of the monthly board meeting agenda.
Why Guardey is the right fit for Probedrijven
Probedrijven wanted to improve the awareness of cyber risks among their employees. Hereās why they chose Guardey as their security awareness training solution.
Gamification
Probedrijven was looking for a solution that intrinsically motivates employees to learn. Guardey adds an element of friendly competition that makes security awareness training more engaging.
Recurring training
With Guardey, employees get 3-minute challenges every week. You can also choose a cadence of bi-weekly or monthly challenges. Over time, this drives lasting behavior change for Probedrijven.
Reporting
To comply with information security directives, you need to be able to prove participation and learning progress. Guardeyās reports have become a part of Probedrijvenās monthly board meeting, providing them with insights on how to further improve the security awareness of their employees.
Donāt let hackers outsmart you
Make sure your organization is prepared to recognize cyber threats with Guardey.Ā Start your 14-day free trial today.