Global CPG Leader Streamlines Phishing Reporting and Incident Response

Head of Security Awareness, Global Consumer Packaged Goods Company

A few years ago, a global consumer product goods company with 40K employees in over 100 markets had no formal anti-phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe to measure employee’s susceptibility to suspicious emails and Cofense Reporter to report them with one click. Later, the CPG firm deployed Cofense Triage to help incident responders recognize threats and remediate them faster.

According to the company’s head of security awareness, 28 percent of employees, as well as third-party contractors, clicked on bad emails during initial Cofense simulations. “That was a wakeup call,” she said. “We knew we needed improvement, but thought we were in better shape than that.”

Implemented simultaneously, Cofense PhishMe and Cofense Reporter proved a powerful combination. Cofense PhishMe tested employees’ susceptibility to phishing under simulated conditions. And Cofense Reporter “relieved employees of having to figure out whether and how to report a suspicious email,” said the head of security awareness. “If they had any doubts, they could report an email with a single click and get on with their day.” For that reason, the company installed Cofense Reporter on devices before deploying Cofense PhishMe.

Company reporting climbed to 43%, with some key departments reporting at over 90%.

While metrics continue to improve, including phishing susceptibility rates under 10%, “Our leadership wants to know that we’re always getting better. Cofense lets us demonstrate that. We can’t just do the same basic simulations over and over. With Cofense PhishMe, it’s easy to customize more complex phishing scenarios. Over time, we’ve made the exercises more advanced, personalizing emails by name and company logo, to reflect what’s happening in the real world.”

The company also needed a central storehouse where suspicious emails could be forwarded and automatically prioritized. With training and implementation help from Cofense professional services, the CPG leader now has a dedicated, purpose-built mailbox where employees can forward suspicious emails. Cofense Triage automates the process of distinguishing threats from noise.

Before, incident responders spent hours sifting through emails. Now, 80% of reported emails are resolved automatically – just 20% require active attention.

The solution’s clustering capability helps identify larger phishing campaigns, so the incident response team can address them swiftly. “Our incident responders are making much better use of their time now. They can recognize and respond to a real incident, instead of sifting through tons of emails before stumbling upon something important. Cofense Triage improves the quality of work our responders can do.”

With low susceptibility rates and reporting rates steadily rising, the head of security awareness reports that “employees have become an important line of cyber defense.” And thanks to the automation and analytics of Cofense Triage, “we’re not drowning in information anymore and can act on threats right away.”