RiskBuddy

Case Studies

Case Studies

Cybersecurity is vital for businesses of all sizes and industries

Director, Information Technology

Industry: Education | Company Size: 250< Users

We deployed the training to meet our requirements for ISO 27001 and improve staff awareness, as we had seen an increase in inbound threats across the business (in particular, employee-targeted phishing attacks).

Having researched a number of vendors, we opted this training platform due to its simplicity in administration, quick and easy setup, and high quality of course content.

The automation tools have brought excellent user adoption rates and have considerably raised security awareness without heavy administration.
Director Information Technology
Education

The automation tools have brought excellent user adoption rates and have considerably raised security awareness without heavy administration.

Notably, the AutoEnrol feature enabled us to rapidly deploy training programmes unique to our employees’ security weaknesses, with continuous management made easy through automated course invites, reminders and weekly summary reports. Overall, the platform is admin-lite and proving highly-effective with driving employee security awareness across the organisation.

Overall, the platform is admin-lite and proving highly-effective with driving employee security awareness across the organisation.
Director Information Technology
Education
Director of IT & Transformation

Industry: Transportation | Company Size: 400< Users

We have a requirement for a security awareness training solution mainly to improve our employee awareness around information security, but also to be able to demonstrate to an ISO 27001 auditor that we are following a robust process.

The management metrics are available to assist us in monitoring employee progress and performance against the scheduled courses.
Director of IT & Transformation
Transportation

The management metrics are available to assist us in monitoring employee progress and performance against the scheduled courses.

This has been invaluable in seeing on a weekly basis who is falling behind with their courses, which is something that we’ve now built into a disciplinary framework to ensure that employees are completing the required training. The other attraction was the granularity of the course modules and topics covered. We prefer the modular approach as it allows courses to be targeted on areas of risk or need, identified from the initial gap analysis.

This approach accommodates the different levels of competence across the organisation and means that employees are only scheduled to complete courses in areas of weakness or high risk.

The performance metrics and course completion statistics allow us to identify areas of risk where employees are potentially under-performing, and to monitor overall performance of individual department (particularly the high risk areas like HR and Finance). The ISO 27001 auditor was particularly impressed with this and other information we had to demonstrate due diligence.