B&P ensures that employees' apps and devices are fully cyber-safe

B&P Professionals is a national staffing agency that sends out young, talented employees to the banking, insurance, and public sectors. They mentor them and train them in the first years of their careers; this means that these young potentials often still have a lot to learn – including in terms of cybersecurity.

With an increasing number of companies falling victim to cybercriminals, it is becoming increasingly difficult to get cybersecurity insurance. Not surprisingly, B&P was able to demonstrate a lot of technical and management measures when it applied for its insurance. A single annual awareness training course was also among the requirements.

“Technically, we were all set,” says Niek Bleumink, Director at B&P, “but our collaboration with a pen testing firm showed that there was work to be done in terms of our employees’ security awareness.”

B&P used the pen test partner’s training service, but Bleumink soon realized that more would be needed: “We were given a full day of training, but that really seemed insufficient. Such a seminar is quickly forgotten and then you are left with the same vulnerabilities. And on top of that, our insurer only requires one such training per year. That bar is far too low, in my opinion.” And that’s when he started looking for an alternative.

“We found Phished soon enough. The innovative nature of the platform immediately appealed to me. Instead of one-off training, our staff can now be trained throughout the year. Moreover, the different, scattered learning moments take almost no time from our staff. They help bring about real behavioral change.”

When B&P started training its employees, they turned out to be quite vulnerable to phishing simulations. “Many of our employees readily clicked on suspicious links,” Bleumink recalls. “Since we’ve been testing them more regularly with Phished, that’s improved a lot, though: nowadays no one gets tricked by a simulation.”

“Combined with the low maintenance of the platform, it was a very good investment. At most, we check all the settings once a quarter to make sure they still match our requirements, but other than that, the platform does everything for us. The report that automatically arrives in our mailbox every week tells us everything we need to know.”

B&P Professionals was well secured thanks to several technical interventions. However, they were looking for just a little bit more to protect their employees: continuous training that keeps the human side of the organization constantly alert. So not only does the organization know how to keep its employees safer, implementing Phished also helps them meet cybersecurity insurance requirements.