Webbanner
Back to overview
Case study

Automated security awareness training with real impact for DockYard

Too much effort, too little impact. That’s how Victor Oates, Director of IT & Security at DockYard, sums up his experience with traditional security awareness training. “There was always a pain point, even with the big names,” he says. The sessions rarely delivered real value and didn’t reflect the day-to-day reality of their teams.

Switching to Phished changed the game immediately: simulations that feel real, and training sessions that are always relevant and up to date. In this case study, Victor shares why Phished stands out from the competition – and why DockYard’s IT team fully embraces the holistic approach.

PHI Youtube Dockyard EN

Why Phished:

Realistic and relevant: the simulations are event- and region-specific, and the training is tailored to employees — ideal for an international, remote team like DockYard.
Ready for compliance: With Phished, DockYard easily checks all the boxes for SOC 2, NIST, and GDPR – critical for enterprise clients and their insurers.
Fully automated: The platform runs itself, with zero added workload for IT. No follow-up, no micromanagement.

Relevant, real-world training tailored to your team

Phished automatically adjusts simulations to match each employee’s level and context. “Even our senior software engineers have been caught by a simulation,” says Victor. “But it’s not about ‘gotcha’ moments. It’s about learning from mistakes – real learning that sticks.” The focus is on positive behavioral change and building real awareness, not blame or shame.

What really sold Victor was how hands-off the platform is. “I’m not babysitting campaigns anymore, Phished runs in the background, improving our posture, without adding to my workload. I still check in now and then to see how it’s going, but the micromanaging days are over.”

“I’m not babysitting campaigns anymore, Phished runs in the background and boosts our cybersecurity, without adding to my work schedule. That’s rare – and exactly why it’s so valuable.” 

Compliance without the headache

Cybersecurity has always been a priority at DockYard. But as the company grew and started attracting bigger clients, the bar got higher. “We needed to meet standards like SOC 2, GDPR, NIST – and satisfy our cybersecurity insurer too,” says Victor.

“Sure, we could’ve just ticked the boxes. But we wanted more. We wanted a culture where security awareness isn’t just an IT thing – it’s something the whole team lives and breathes.” The insurer was also impressed with the consistent, high training frequency.

Fully personalized, without extra effort.

“You don’t need to hire anyone to run or follow up on phishing campaigns,” says Victor. “Phished takes care of everything, with minimal maintenance.”

When he saw the platform in action, he was sold right away. “I thought, wow – I literally just shaved off so much of my work schedule, because now I don’t have to maintain it. Finally, I can focus on the projects that really matter.”

And for a global team, the localization is a huge win. “We’re active in multiple countries. The team in Brazil gets a completely different email than the one in the US or the Netherlands – tailored to their context. It all runs automatically, and still feels personal.”

Book a demo

More stories

Show all
PHI Client Case Mossaino Danjiel
PH Mossaino Logo

Effective security awareness for clients, without extra work for Mossaino

Redexis Thumbnail
Redexis Logo

Redexis replaces one-time training with frequent automated security awareness training using Phished

Thumbnail Nodelink
Partnerslider Nodelink

Nodelink makes clients cyber resilient with tailored holistic security awareness training

Show all