How The Mayo Clinic Utilizes Cofense’s Email Security Education, Response, & Defense Solutions

October 20, 2022

Background

The Mayo Clinic is a $10.3 billion nonprofit American academic medical center based out of Rochester, MN. With more than 63,000 employees who use email throughout the business day, the Office of Information Security wanted to ensure all employees can recognize and report a phishing attempt when one crosses their inboxes. They also turned to Cofense to boost their security posture by adding Triage and Validator to their stack.

We recently sat down with Mayo Clinic’s Kimberly Wanek. As the Senior Manager of Information Security, Kimberly has utilized Cofense to build a very successful education program, and we wanted to find out more about her education programs and Mayo’s relationship with Cofense email security intelligence and solutions.


Executive Summary

Customer: Mayo Clinic is a $10.3B nonprofit American academic medical center with 63,000+ employees

Challenges: Executives and employees unable to properly recognize and report phishing emails; unsatisfactory traditional SEG performance

Solutions: Cofense PhishMe, Cofense Reporter, Cofense Triage, Cofense Validator

Results: Delivering a customized phishing education program to reduce the vulnerability rates of employees and providing a multi-platform reporting mechanism. Enhancing security posture with SEG validation, supplemental third-party analysts, and email security intelligence tools.

Challenges

With the increase in phishing attacks over the last few years, and the steady increase in the number of employees (10,000+ work from home), the Mayo Clinic found it difficult to manage the number of attacks being reported. As its employment base began to expand, Wanek knew the organization needed the right vendor to provide a scalable phishing solution.

“A lot of security controls we always think of are the technical controls, but we have to think about the human factor. [For instance,] we didn't have it on mobile devices, and a bigger chunk of our employees were accessing their email primarily on mobile.”

The Mayo Clinic has been able to take advantage of Cofense Reporter and Reporter for Mobile to increase the reporting rate of phishing attempts and Cofense PhishMe for anti-phishing simulation training, bad email flagging and overall cybersecurity awareness.

To enhance their solution suite, the Mayo Clinic added Cofense Triage to “scale all of the training and education that had been put in place, scale our responsiveness to it, so that we could deal with getting back to people as quick as possible and reinforcing that they were doing the right thing.” This enabled them to better analyze incoming threats using Cofense Intelligence, while also reporting back to the threat reporters – effectively ‘closing the loop’ so employees know which action was taken.

Lastly, the Mayo Clinic utilizes the Cofense Phishing Defense Center and Cofense Validator to catch, prioritize and respond to threats that perimeter technology misses.

“[Validator] was giving us insight into how strong our SEGs were, our gateways, how effective they were. So not only could we see how our gateways were performing, but it would give us opportunities, some intelligence on how to strengthen them. [The PDC] allowed our SOC to focus on the next tier of risk. So PDC not only tells us these are malicious, but they give us another category that says these are scams.” 

Conclusion

Many Cofense clients utilize the PDC to supplement their own security teams. The PDC will identify and prioritize threats, provide actionable intelligence, and keep abreast of changing tactics, so security team members can focus on stopping the most prevalent and dangerous attacks.