“The managed content and delivery strategy is huge for us. We prioritize automation here, so the fact that we can set it and forget is invaluable. It allows us to focus our efforts on other client needs when we know we have a trusted solution for social engineering risk and email security.”
— Sarah Bryson, Security Analyst, RADER Solutions
Although every organization pays greater attention to cybersecurity these days, breaches continue to increase, shattering records every year. While security products are more advanced than ever before, the tools and techniques used by bad actors have become more sophisticated as well. One part of the equation that doesn’t always keep up: employees and users.
People are the most critical link in cybersecurity, and social engineering schemes are increasingly the attack vectors of choice of cybercriminals. According to the Identity Theft Resource Center (IRTC)’s 2020 End of the Year Data Breach Report, 44% of the 878 reported breaches during the year involved phishing, smishing, or business email compromise. The report explains that “threat actors are more interested in taking advantage of bad consumer behaviors using stolen credentials like logins and passwords. Due to the shift in tactics, ransomware and phishing attacks directed at organizations are now the preferred data theft method of cyberthieves.”
As a managed IT services provider (MSP), Lafayette, LA-based RADER Solutions was well aware of the human factor in cybersecurity even if its clients weren’t. While the firm’s customers span more than 20 U.S states and represent a range of industries, from building suppliers to insurance agencies to car dealerships and more, they all have one thing in common—the opportunity to further secure their businesses by empowering their employees to recognize and defend against attacks. So, RADER needed a security awareness solution that would not only help eliminate human error and attain a culture of security when implemented, but one that could also scale across its disparate customer base.
Discovering the Right Solution
Like many MSPs, RADER seeks solutions that are easy to administer, configure, and scale, so it can quickly deploy them to interested customers. When RADER began looking for a trusted partner to offer a security awareness program, it was using a cybersecurity platform that offered limited capabilities in the area. It lacked features that had become critical for the company’s success. Not only was scalability an issue, but RADER needed a solution that was highly automated, could sync with Microsoft Azure, integrate with Active Directory, could offer multi tenancy, and provide visibility for customers to see performance data.
This administrator component was key, as RADER’s clients have their own unique needs and need the flexibility to fine tune the program to achieve and maintain insight into how their employees perform with easy-access reporting. So, it compared several solutions, including KnowBe4, BullPhish ID, Oh Phish, its existing solution Defendify, and Arctic Wolf® Managed Security Awareness.
Based on its evaluation, RADER chose Arctic Wolf’s offering as it not only met its main criteria but offered custom and personalized capabilities that other solutions lacked. It prioritized user education much more than BullPhish ID, and its customizable administrator qualities were a better fit than KnowBe4, which appeared tailored to single-company needs. What’s more, Managed Security Awareness includes ongoing guidance by Arctic Wolf’s Concierge Security® Team to help customers reinforce cybersecurity best practices around user and employee behavior to establish a culture of security across the entire organization. It promotes a positive experience that engages users and encourages secure behaviors.
With Managed Security Awareness, RADER now has an automated solution that delivers personalized coaching within the flow of work. According to RADER’s Security Analyst, Sarah Bryson, “The managed content and delivery strategy is huge for us. We prioritize automation here, so the fact that we can set it and forget is invaluable. It allows us to focus our efforts on other client needs when we know we have a trusted solution for social engineering risk and email security.”
Results Speak for Themselves
While Managed Security Awareness helps eliminate human error in cybersecurity above and beyond social engineering attacks—such as password management, security reporting practices, insider threat recognition—the greatest threats to RADER customers typically concern email. “Of course, the most vulnerable element of the email vector is the human factor,” says Bryson. Now, RADER’s customers that have implemented Managed Security Awareness succumb to phishing attacks far less frequently than those who have yet to subscribe to the service. “The difference is night and day. Before, our clients would suffer repeat compromises from phishing attacks. Today, they are fully capable of identifying and reporting phishing attempts. They notify us to block domains with confidence now,” Bryson says. “It shows how a security awareness program can make a significant impact in terms of elevating an organization’s security posture.”
Implementing Managed Security Awareness among its client base has been smooth sailing to date, as Arctic Wolf creates all the program content, testing, and reinforcement, while the distribution and tracking of the program is completely automated. “It’s very MSP friendly,” Bryson adds. “Since we don’t have to spend time managing their awareness program, I can spend my time on more important efforts like generating new leads or writing and managing a client’s technology and use policy—areas that are more strategic and productive.”
RADER Solutions’ partnership with Arctic Wolf is built on trust and effectiveness. “The awareness content is delivered seamlessly and conveniently—and provides excellent lessons on the key issues clients need to consider when it comes to cybersecurity hygiene,” says Bryson. “We breathe a little easier knowing that the ongoing nature of the program always keeps security top-of-mind for our clients.”