Cybersecurity Training

Enterprise-Wide Cybersecurity Training for a Global Food Giant

Project Timeframe: Fall 2021 – Ongoing

A large food company headquartered in the United States was in need of a cybersecurity training solution across the enterprise. With office locations across North America and Europe, the organization’s workforce needed to enhance its top-to-bottom awareness of cyber threats. 

Background and Challenge

Like most organizations doing business in today’s digital landscape, the company is being inundated with non-stop Phishing emails, as well as other potential cybersecurity threats. 

With constant threats always on the horizon, it was incumbent upon management to train employees from all departments to recognize and report potential these threats while increasing overall security awareness.

 

Cybersecurity
Approaches and Solutions

The company, along with Triveni’s help, identified the need for deploying a large-scale cybersecurity training solution that would seamlessly integrate with their existing technology. In doing so, this would allow their IT department to manage and control access to the training program from its main Active Directory environment while allowing training administrators to focus on building training campaigns. 

With numerous training solutions on the market, the decision was made to go with a leading SaaS cybersecurity training vendor, KnowBe4. Using that service’s features and integration points with Microsoft’s Active Directory, the training team was able to test the solutions ahead of deployment, create training-specific groups, set up and manage training campaigns, and conduct Phishing experiments.

Basic training commenced in North America in the fall of 2021 for over 700 employees and included a general introduction to cybersecurity. Following that training, Triveni conducted a Phishing campaign in February 2022 that targeted different business units (i.e., executives, legal, marketing, sales, production, transportation, etc.). 

Based on that initial campaign’s outcome, Triveni deployed a follow-up round of training that served two purposes:

  • Reinforce cybersecurity basics for employees who showed higher Phish-Prone scores.
  • Provide business unit-specific training campaigns that focused on threats within those areas.

The second training campaign was followed-up with another month-long Phishing campaign.

Along the way, the company’s Help Desk was tasked to capture any reports of oddities and phishing attempts directed at staff. To add to the overall measurement of awareness levels, the organization utilizes other tools and software to determine the true level of effectiveness of the training.

Finally, reports and recommendations from Triveni’s cyberteam are then provided to senior management for consideration.

Outcome

The company now has a cybersecurity training “template” that can be deployed to other locations.

According to the reporting and the feedback from Help Desk, their employees are demonstrating a higher level of awareness with regard to cybersecurity threats. 

In addition, most departments are seeing less Phishing incidences and are reporting suspect emails to Help Desk. 

Training will continue with the European offices based on the training campaign templates established in North America.

Chart Showing Improvement

Let’s work together on your next project.