Background
The Mayo Clinic is a $10.3 billion nonprofit American academic medical center based out of Rochester, MN. With more than 63,000 employees who use email throughout the business day. The Office of Information Security wanted to ensure all employees can recognize and report upon a phishing attempt when one crosses their inboxes. In addition, they turned to Cofense to boost their security posture with the addition of Triage and Validator to their stack.
We recently sat with Mayo Clinic’s Kimberly Wanek. As the Senior Manager of Information Security, Kimberly has utilized Cofense to build a very successful education program and we wanted to find out a bit more about her education programs and Mayo’s relationship with Cofense email security intelligence and solutions.
Click here to view the fireside chat video.
Executive Summary
Customer: Mayo Clinic is a $10.3B nonprofit American academic medical center with 63,000+ employees
Challenges: Executives and employees being unable to properly recognize and report phishing emails and unsatisfactory traditional SEG performance
Solutions: Cofense PhishMe, Cofense Reporter, Cofense Triage, Cofense Validator
Results: Delivering a customized phishing education program to reduce the vulnerability rates of employees and providing a multi-platform reporting mechanism. Enhancing security posture with SEG validation, supplemental third-party analysts, and email security intelligence tools.
Challenges
With the increase in phishing attacks over the last few years, and the steady increase in the number of employees (10,000+ work from home), they found it difficult to manage the number of attacks being reported. As its employment base began to expand, Wanek knew the organization needed the right vendor to provide a scalable phishing solution.
The Mayo Clinic has been able to take advantage of Cofense Reporter and Reporter for Mobile to increase the reporting rate of phishing attempts and Cofense PhishMe for anti-phishing simulation training, bad email flagging and overall cybersecurity awareness.
To enhance their solution suite, the Mayo Clinic added Cofense Triage to “scale all of the training and education that had been put in place, scale our responsiveness to it, so that we could deal with getting back to people as quick as possible and reinforcing that they were doing the right thing.” This enabled them to better analyze incoming threats using Cofense Intelligence, while also reporting back to the threat reporters – effectively ‘closing the loop’ so employees know which action was taken.
Lastly, the Mayo Clinic utilizes the Cofense Phishing Defense Center and Cofense Validator to catch, prioritize and respond to threats that perimeter technology misses.
Conclusion
Many Cofense clients utilize the PDC to supplement their own security teams. The PDC will identify and prioritize threats, provide actionable intelligence, and keep abreast of changing tactics, so security team members can focus on stopping the most prevalent and dangerous attacks.
We encourage you to watch the entire chat to hear additional thoughts from Kimberly Wanek on the need for a multi-layered approach to anti-phishing education and cybersecurity and how Mayo Clinic’s partnership with Cofense has significantly enhanced their security posture.