When firewalls aren't enough: Dolmen Insurance Brokers is safer with Phished

"We are besieged daily by spear phishers," says Gerard Luiten, IT manager at Dolmen Insurance Brokers. They continuously receive suspicious emails that appear to come from their financial administration or managing director, for example.

Prior to working with Phished, the company's employees were informed on an ad hoc basis about circulating threats, including through screenshots. Until someone clicked on a malicious link and unleashed a ransomware attack.

Dolmen Insurance got out of it by the skin of their teeth thanks to their security software, but it was a solid wake-up call. "After this incident, it was clear to everyone in the company: we urgently needed to do something about cyber awareness among our employees," says Luiten.

As an insurance broker, Dolmen Insurance attaches enormous importance to safeguarding customer data. That is why sensitive data can only be accessed via devices approved by the IT department. Similarly, the company software can only be installed by administrators. Additionally, the insurance platform lies entirely in the 'cloud' and is secured with a double firewall.

So technically they were already strong, but the ransomware attack cost the company a significant number of working hours in clean-up. Their conclusion: they had to work on an impenetrable human firewall. “We were shocked to hear that the user found the e-mail suspicious but opened it anyway. At that point it was clear to us: we need to make our people more resilient", says Luiten.

Dolmen sought a way to raise awareness about cyber security among colleagues in a sustainable manner without overburdening the IT department. "We wanted our people to understand what the difference is between an ordinary email and, for example, a spear phishing email," says Luiten. "We wanted to find a partner to whom we could entrust this task."

Phished stood out to Dolmen Insurance right away. "We didn't actually have to look for other solutions; Phished offered everything we needed."

It used to be that at Dolmen Insurance malicious links were being clicked on two to three times a week; a thorn in the side of the insurance broker who has to manage a lot of sensitive data. Fortunately, according to Gerard Luiten things are now a whole lot better: "Nowadays, it doesn't happen more than once every six to seven months that someone clicks on a link from a phishing simulation. Since we started working with Phished, our people are much more alert and we notice that they approach incoming emails with scrutiny."