HM Government approached Bob’s Business to develop an innovative Cyber Security Training initiative called Think Before You Click which was designed to educate over 70,000 members of staff and 3rd party IT service providers about the threat of phishing. To separate Think Before You Click from other phishing solutions, Bob’s Business ensured staff played a key role in HM Government’s cyber defences by increasing their understanding of the threats they may face and giving them the knowledge to be able to identify suspicious emails. Bob’s Business also encouraged staff to report suspicious emails to the right people as a way of demonstrating their understanding of knowledge they’d been given. Combining the technical controls found in a typical phishing simulation with high levels of staff awareness proved to be the best possible defence against phishing attacks.
Think Before You Click has seen a positive change in HM Government when it comes to reacting to phishing emails. Internal communications between staff added value to the process as feedback helped improve the process both for HM Government and Bob’s Business. As a result of Think Before You Click, HM Government staff now routinely and quickly refer suspicious emails for specialist analysis which has improved intelligence with their Cyber Security Command Centre allowing them to deal with threats sooner. Bob’s Business’ simulation enabled HM Government to target the learning to where staff needed it most, especially to those who needed extra learning the most. This approach allowed users to receive training at the most important time – directly after a mistake. Due to the positive nature of the Think Before You Click campaign, Bob’s Business has allowed HM Government to gain strong staff and stakeholder engagement, including with Trade Unions who have recommended the initiative to their members.