Keepnet Labs Logo
Menu
HOME > case studies > protecting your business by strengthening your supply chain

Protecting Supply Chain: Insurer's Success

Discover how a leading EU insurance company protected its supply chain from phishing threats. By reducing supply chain risks by over 90% and saving $1.1 million annually, they improved phishing detection and response times across their network, ensuring compliance and protecting their reputation.

Enhance Supply Chain Security: Insurer Insights

Introduction

A prominent EU insurance company, with over 2,500 agents and 1,300 brokers, has served clients for nearly 100 years. Despite robust internal security protocols, it faced challenges managing phishing risks due to inadequate cybersecurity among partners.

Ensuring consistent security across the supply chain was difficult, and managing human risk was problematic, as they struggled to train employees of partners handling sensitive data. Additionally, the supply chain lacked an incident response mechanism, leaving the insurer vulnerable to financial and reputational damage from phishing attacks.

Successful Outcomes

  • Reduction of supply chain risks by 90.77% (reducing the vulnerability from 65% to 6% in six months).

  • $1,125,484 potential loss saved annually.

  • Employees were 94% better at recognizing fake emails in the first 6 months.

Understanding the Risks of Supply Chain Attacks

Trust in the supply chain and vendor relationships is being exploited by hackers, leading to a 24% rise in supply chain phishing, causing over $2 billion in annual damages. Without proper preventative measures, the insurance company could face significant business challenges, including:

  • A supply chain attack can result in significant financial loss, potentially costing the insurer millions of dollars in lost revenue and legal fees.

  • If customer data is compromised, it could damage the insurer’s reputation and lead to a loss of customer trust.

  • Failing to comply with legal and regulatory requirements could result in fines, lawsuits, and other legal troubles.

  • A successful supply chain attack could disrupt the insurer’s operations, leading to downtime and lost productivity.

  • The loss of competitive advantage resulting from a compromised supply chain could harm the insurer’s long-term success.

“Keepnet has been instrumental in helping us protect our supply-chain from the increasing risk of phishing attacks. Their platform has not only saved us time and money but has also helped us maintain compliance and protect our reputation. With their support, we've reduced our response time to phishing incidents from 8 hours to 2 minutes, and identified a phishing scam with a 94% success rate in just six months across our supply chain.”

CISO, Insurance Company

Potential Loss Prevented

Average reported loss per person

$502

Supply chain recognizing and reporting phishing

35% to 94% in 12 months

The potential loss prevented annually is $1,125,484

Average Cost Savings from Phishing Incident Response

The average time to respond to a phishing incident

8 hours to 2 minutes

The average cost of one staff member

$60 per hour

The cost of a single phishing incident was reduced

from $480 to $2

The total estimated cost savings are $764,800 annually

(reducing the cost from $768,000 to $3,200).

How the Insurer Strengthened Their Supply Chain Security:

  • Searched for leaked passwords, emails, and other sensitive data to determine if employees and the supply chain had been compromised.

  • Installed a phishing reporting add-in to provide detection and response capabilities across the supply chain, protecting against potential attacks.

  • Identified risky behaviors within their organization and supply chain, including those who fell for phishing scams and ignored reporting incidents.

  • Implemented a training program incorporating behavioral science elements to promote secure behavior, including reinforcements, nudges, and gratitude exercises.

  • Tested employee compliance with security policies and procedures, improving behaviors through security training.

  • Tested existing email security tools (SEGs) to identify vulnerabilities and guided the insurer on fixing supply chain issues.

  • Updated threat-sharing policies to include indicators such as attacker profiles, phone numbers, and tactics, helping the insurer share intelligence data with its supply chain, local authorities, and financial organizations for proactive prevention.

Operational Results

  • Addressed human risk management and detection/response gaps in supply chain.

  • Achieved 94% phishing scam identification success rate in 12 months.

  • Reduced average phishing incident response time from 8 hours to 2 minutes.

  • Fewer cases reported, boosting business productivity.

Strategic Results

  • An annual $1,125,484 potential loss was prevented.

  • Achieved a 90.77% reduction in supply chain risks.

  • Enhanced incident response measures ensure deep-rooted protection.

  • Supply chain employees now report phishing attacks, improving detection and response.

Schedule your 30-minute demo now

You'll learn how to:
tickIntegrate the Phishing Reporter add-on across your supply chain to identify and report suspicious emails.
tickUse phishing simulations, including Email, Voice, Multi-Factor Authentication (MFA), QR Code, Callback, and SMS, to educate your employees about phishing.
tickCreate AI-powered phishing templates for high engagement and effectiveness.

Schedule your 30-minute demo now

You'll learn how to:
tickAutomate behaviour-based security awareness training for employees to identify and report threats: phishing, vishing, smishing, quishing, MFA phishing, callback phishing!
tickAutomate phishing analysis by 187x and remove threats from inboxes 48x faster.
tickUse our AI-driven human-centric platform with Autopilot and Self-driving features to efficiently manage human cyber risks.
iso 27017 certificate
iso 27018 certificate
iso 27001 certificate
ukas 20382 certificate
Cylon certificate
Crown certificate
Gartner certificate
Tech Nation certificate