How a National Healthcare Provider Mitigates Spearphishing With SecurityIQ’s PhishNotify

Executive Summary:

Protected health information (PHI) brings a hefty price on the black market, making many healthcare organizations a prime hacker target. This particular company previously included security training as part of their new hire onboarding process, but wanted to go one step further to ensure stored PHI was protected year-round. With every unauthorized PHI disclosure considered a HIPAA violation, the company saw awareness training as an important risk reduction tool.  

After looking at several security awareness training platforms, the IT team selected SecurityIQ for its role-based healthcare awareness training and attractive pricing structure. After implementing SecurityIQ PhishNotify email reporting, the company:

  • increased security awareness,
  • reduced phishing susceptibility rates by 30 percent, and
  • improved incident response.

In the following  Q&A, a company representative discusses how they used SecurityIQ to boost employee security awareness and stay HIPAA compliant.

Why Did You Pick SecurityIQ as Your Awareness Training Solution?

Client: Before SecurityIQ, we’d administer security training during the onboarding process. We would cover many topics, including password hygiene and phishing, in a short period of time. SecurityIQ provided us the ability to reinforce training year-round on topics we determine fit for the organization and current events. This ensures security is fresh in everyone’s mind.

We looked at a few other platforms, but picked SecurityIQ because of its pricing structure. Access to all training content was included in every account tier. This was a big factor in our decision-making process.

Tell Me About Your First Phishing Campaign. How Did Employees Perform?

Client: We ran a phishing simulation before launching our first awareness (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Megan Sawle. Read the original post at:

Secure Coding Practices