Zurich International School increased their cybersecurity without burdening their IT team
Cyber criminals are increasingly targeting schools such as Zurich International School. They initially responded by providing cybersecurity info sessions for their staff on an ad hoc basis. However, a worrying security review made it clear that this was not enough.
Staff behaviour changes through frequent and active training
We spoke with Andrew Blair, IT manager at Zurich International School. He told us that the school used to organise two information sessions per school year to raise awareness about the dangers of phishing. However, this was very time-consuming for the IT team - and it also had very little impact.
For this reason, they started looking for a partner who could not only take over this task, but also increase its frequency. A partner that offered engaging training and, all the while, could provide reliable, human support. Phished was by far the best choice.
"With automated phishing campaigns you learn by doing, in a discreet way, how to approach emails safely. Since we started this, we've noticed that people are checking the senders much more frequently, for example, and being vigilant about where emails link to," says Andrew Blair.
Why Zurich International School chose Phished
Unburdening both IT and teachers
Their current, continuous cyber awareness strategy is in stark contrast to that of the past. After a security analysis, it became clear to them that their human firewall could be a lot more robust: "Life behind the school gate is busy. Staff get more than enough on their plate, both the teachers and our IT department. So, we went looking for a partner who could lighten the load by taking over the cyber awareness part completely," says Andrew.
"We're very happy that Phished is now taking on this task. It has been a learning process for all of us and the simulation campaigns are already bearing fruit."
Premium security awareness training as well as premium support
Changing people's online behaviour is not something you do overnight. Security awareness training is most effective when implemented structurally and at a comfortable pace. That is usually a lot of work; but not so with Phished. With the platform, you can effortlessly train the whole of your organisation.
"The platform was fully automated, and you get value for your money. This was decisive for all of us as we want to work together for the long term. We see Phished as a solid investment." says Andrew Blair.
A major challenge for SaaS companies is providing reliable and human support. "The people at Phished were a lot more helpful than the competition. They made time for supportive conversations and the demo was very informative. They showed how the platform could serve us."
The people at Phished were very helpful. They made time for supportive conversations and the demo was very informative. They showed how the platform could serve us.
A versatile solution for any cybersecurity strategy
Phished is not a one-size-fits-all platform, and Andrew can attest to that. Every organisation has its own culture and receiving phishing simulations was something completely new for the staff at Zurich International School.
That's why they opted for a phased rollout. At each stage, they increase staff engagement: "We didn't want to reveal all our cards right away. We first did a baseline measurement - which was not particularly dazzling - on which the first simulation campaigns were based. Thankfully, that's going better now. In a few weeks, we'll be fully integrated into the Phished eco-system and our IT department will be able to fully focus on their core business."
