case study

How Eckes-Granini Group transformed cybersecurity awareness with Hoxhunt

Client logo
About

Revenue: 873 million EUR

Headquarters: Nieder-Olm, Germany

Founded: 1857

Number of employees: 1708

Challenge

Email threats were identified as a top security risk, but existing cybersecurity awareness training programs were consistently found to be unsatisfactory due to their static, one-size-fits-all curriculum and lack of meaningful results.

Solution

Eckes-Granini, Europe's largest juice production company, reduced their risk of data breaches by raising their phishing email reporting rates and lowering malicious link clicks with Hoxhunt's Human Risk Management and Security Behavior Change platform. The anti-phishing training was selected by CISO Fritz Worsch for its dynamic and adaptive training content, continuous training cadence, and world-class managed service component. The CS team got the program on track, and the automated platform kept it going with customized learning paths based on dynamic, gamified content that adapts to user skill level.

Key takeaways:
Featured image
“I’ve been in IT for 30 years, but I’ve never seen such a professional onboarding like you at Hoxhunt have done with us. We have reached over 70 per cent of employees who have been onboarded across our company and most of them stay engaged and participate with the training simulations. That is very high, and beyond my expectations. The Hoxhunt onboarding program is quite strict, but it’s exactly how it needs to be done. At the end of the day, having a well-defined onboarding program is quite helpful. I was really happy.”

Fritz Worsch, CISO, Eckes-Granini Group

Results:

·      Over 70% onboarded to training program

·      70% engagement rate: Once employees begin, they stay engaged

·      Dozens of targeted, varied simulated emails sent to each employee per year

·      Increased and standardized real threat reporting via Hoxhunt button

·      Significantly improved security culture globally

·      Lower risk of breaches through email attack

Key insights into the Hoxhunt cybersecurity and phishing awareness training program by Fritz Worsch, CISO, Eckes-Granini Group.

Onboarding & Managed Service

“I’ve been in IT for 30 years, but I’ve never seen such a professional onboarding like you at Hoxhunt have done with us. We have reached over 70 per cent of employees who have been onboarded across our company and most of them stay engaged and participate with the training simulations. That is very high, and beyond my expectations. The Hoxhunt onboarding program is quite strict, but it’s exactly how it needs to be done. At the end of the day, having a well-defined onboarding program is quite helpful. I was really happy.”

  

Dynamic & Continuous

“The three big learnings from my side started with:

First: Seeing that the Hoxhunt training is not static like the other offerings we’d tried; it’s ticking at the same level as the threat landscape is ticking.

Second: Hoxhunt does not just push out one phishing email to everybody, but continuously pushes out emails so no one can anticipate them. That keeps cybersecurity front-of-mind for people.

Third: And the third part that is quite interesting to me is how the training is dynamic and skills-adaptive. If someone gets a phishing simulation email and passes it, then he or she gets challenged with a more challenging simulation the next time. And if they are not taking it up then they get an easier one. Varying the difficulty level like that keeps people in the game.

 

Automation

“Automation definitely saves a lot of resources and it helps to channel the resources. It helps to stay on track and make sure that we are talking to the right people at the right time.”

 

Reporting threats

“There has definitely been a change in our security culture. The Hoxhunt button itself has been an additional chance to channel all the incoming possible phishing emails and spam emails to the right place. In the past, people did not know who to contact so potentially malicious emails were ignored or some people just pushed them forward to their local IT, directly to me, or to our external partner. Now, reporting is easy and standardized for our end user. But on the other end we are pushing them to use this button and telling our users that this is the only way to notify us once they have received a suspicious email.”

 

Executive summary

“I would definitely recommend Hoxhunt to other CISOs and I have already. Hoxhunt has gone well beyond the traditional check-a-box mentality of passive e-learning. There has definitely been a change in our security culture since we started using Hoxhunt. Their intelligent training platform automatically engages people at their individual skill levels and teaches them to report suspicious emails.  We are seeing many more real threat reports as a result. And their Customer Success team is top-notch, pushing us to over 70% onboarded across our global company. I have been in IT for 30 years but I’ve never seen such professional onboarding like at Hoxhunt.”

Want to match these results?
Hoxhunt adaptive phishing training dramatically increases training engagement and security resilience.
Request a demo