Cyber Security Awareness for Axept

The gateways for attackers are often not technical vulnerabilities in systems, but carelessness or ignorance on the part of employees. Axept Business Software AG intends to decisively counter this risk factor.
With e3 AG, Axept has found a partner who competently supports it in the field of cyber security awareness. In the meantime, two joint projects have already been successfully completed and further cooperation is being sought.

In recent years, cyber attacks have increased massively. The increasing digitization and networking opens up countless new attack vectors for cyber-criminals. Especially the work that each of us does every day involves great risks. Axept Business Software AG wants to counteract these dangers and has decided to train its workforce in the topics of cyber security awareness. In this project, e3 was able to support Axept with its expertise. The joint projects were divided into two parts. In addition to the actual training – which formed the second part of the project – a phishing simulation was also part of the package. This combination provided Axept with a holistic approach to improving workforce safety awareness.

Phishing Simulation

The first step of the awareness campaign was to run a phishing simulation with the workforce. Together with Axept, an individualized scenario was designed. In both projects, a tailor-made message template (phishing mail), an individualized landing page (login page) and an account page (displayed after login) were created.
All employees then received an e-mail with an individual link to the landing page, which recorded the click behavior of the recipients.
After completion of the phishing simulations, detailed evaluation reports were prepared with the respective results of the campaigns. These reports also contained important findings and measures on the potential for improvement in the field of IT security. In addition to the evaluation report, a management briefing is included in the offer. A set of slides was prepared for the attention of the Axept management, which summarises the results, findings and recommended measures in a management-friendly manner. The results of the phishing simulation and the findings from the evaluation report formed the basis for the subsequent awareness training.

Awareness Training

After using the phishing simulation to gain an overview of how high the awareness of the dangers of e-mails is within the workforce, an individualised awareness training was created and carried out.
Its focus was on passwords, use of the cloud, e-mail, secure surfing and home office. The contents of the training were deliberately explained in an easy-to-understand way, so that even people without an IT background can follow without any problems. In this way, the employees were taught simple tips & tricks that they can observe and implement directly in their daily work. Thus, they make an essential contribution to improved IT security at Axept.
The offer was rounded off with a flyer. This briefly and crisply describes the most important points of cyber security awareness and was made available to Axept employees.

Result

The creation of a security awareness in the use of IT resources among employees is a central component of a holistic security strategy. With targeted measures, a significant improvement can be achieved even with small investments. e3 is proud to support Axept Business Software AG in its efforts for sustainable and holistic IT security.