CASE STUDIES
Clementoni, Safety is learned (by playing)
Overview
Founded in Recanati in 1963, Clementoni has always been faithful to its original mission of helping children grow through play. An insight leading to the creation of a solid company that today employs around 600 people and generates a turnover of around 178 million euros, 65% of which from exports.
The challenge
The multinational dimension increases the level of exposure to cyber attacks. As it is also related to children, the loss and compromise of company data would expose the organisation to a great deal of damage. Therefore, there is a need to raise awareness of cybersecurity issues at all levels.
Solution
The cybersecurity awareness programme aims to create a widespread security culture at all levels of the company, both through the acquisition of tools to protect the company from cyber threats and through the development of defence capabilities to deal with the most widespread cyber attacks.
Knowledge of threats and risks as a first defence measure. Anti-phishing awareness and training programmes as an integral part of the cyber strategy of the Italian multinational educational game company.
“For those who do business like us, cybersecurity has become an truly relevant and transversal issue with respect to the areas in which we operate. An essential element for the protection of company data and the normal running of daily operations”, Susanna Clementoni, controller & compliance specialist and third-generation member of the company’s founding family.
“Digital technology is also transforming the world of games in terms of communication, game extension and purchasing experience. Cybersecurity has become an essential topic for both consumers and trade partners,” says Susanna Clementoni.
“Working on safety at Clementoni means creating a successful user experience for all clients who place their trust in us. In an organisation like ours, attention and respect for the world of children are two extremely important aspects. Accordingly, the decision to build a widespread cyber culture was not only necessary but also a must”.
Not least because of the implications that a system failure might have not only on day-to-day operations but, more importantly, on corporate reputation. “The loss and compromise of corporate data exposes any organisation to very high damage. Recently, we have witnessed cyberattacks that have brought major multinational companies to their knees.
Anyone can be affected at any level. In our case, since we also process data related to children, the damage would not only be economic but also a loss of trust in the commitment that has always characterised our company”.
Learning with a high learning curve
The results in terms of decreasing security incidents have also been continuous. “Since the launch of the programme,” says Susanna Clementoni, “we have seen a high engagement rate in all nine modules of the course, with staff participation exceeding 80%”. This success is due to the easy-to-use nature of the course, with monthly releases, short video content, and a language that is polished but at the same time not too technical, suitable for everyone. Results are also very encouraging in terms of anti-phishing training. “In the face of 1,300 attacks carried out through 7 different campaigns,”says Susanna Clementoni, “we recorded a significant drop in click rates, from 15% to below 10%. We have also seen a significant increase in the resilience score, i.e. the number of attacks needed to mislead someone, which has gone from 1 to 2.6. Therefore, the balance is overwhelmingly positive. Especially if we consider that this is the first year and the backdrop against which the whole training programme took place”.
To read the full interview prepared by the Data Manager click here.
All Projects
Raiffeisen
From physical theft to digital attack, Raiffeisen Banking Association invests in cybersecurity awareness through the use of services offered by Cyber Guru
Dumarey Group
One year after adopting the training program, Dumarey Group gets important feedback: increased awareness and lower level of risk.
ENEGAN
Thanks to the Cyber Guru platform, ENEGAN has obtained objective benefits, especially on phishing campaigns for which it is possible to get definite feedback.