Lifen
“Given that Lifen mainly manages sensitive data, training and awareness programs for our teams are one of the best ways to manage this systemic risk”.
“Given that Lifen mainly manages sensitive data, training and awareness programs for our teams are one of the best ways to manage this systemic risk”.
Lifen is a Paris-based company whose goal is to ease the deployment of digital solutions in the healthcare industry. Lifen enables instant access to quality health data and innovations for the best possible care. Their digital solutions connect all stakeholders – providers, payors, governments, technology companies, and researchers – for a health system that is truly built around the patient.
In France, Lifen has partnered with over 600 health institutions. Every month, Lifen sends over 2 million medical documents to 130,000 doctors. Founder of the FHIR France meetup, Lifen’s mission is to put its expertise in hospital information services to use to develop a platform that significantly facilitates the integration of technical solutions and the operational roll-out of all kinds of digital tools.
Lifen’s IT team, and especially Karim El Srouji, its Chief Information Security Officer have picked Mantra to train Lifen’s teams against phishing and spear-phishing attacks through its automated phishing simulation engine.
Karim explains that phishing is the main source of data leaks for the majority of companies.
“Given that Lifen mainly manages sensitive data, training and awareness programs for our teams are one of the best ways to manage this systemic risk”.
In the event of a cyberattack, and especially one including a data leak, the impact on Lifen’s customers, users and its reputation would be significant. For these reasons, the technical teams at Lifen have deployed a complex cybersecurity strategy (secure servers, VPN, data encryption, etc.) of which Mantra is a part of thanks to its automated phishing and spear-phishing simulation engine.
As highlighted by Karim, teaching teams through practice is one of the best ways to fight against the risk posed by phishing and spear-phishing attacks.
Indeed, “with tech innovations, cybercriminals are able to adapt their phishing attacks in order to make them less recognizable by both anti-phishing/anti-spam robots and by the teams that are targeted”.
Teaching Lifen’s teams not to click on suspicious links and to analyze emails correctly to detect attacks is therefore paramount.
In this context, it was key for Karim to use a solution that would train Lifen’s teams in “real life conditions”, thank in particular to simulation scenarios that mimick the communication formats and the tools used on a daily basis by the teams at Lifen. Moreover, the automation of the selection and sending process of the simulations, with each user receiving a specific scenario in a targeted manner, are greatly appreciated by Karim.
Finally - and this is probably the most important - the results are there: Lifen’s teams’ click rate has been divided by 3, and the reporting rate has doubled.
Mantra’s solution has been well perceived internally, as Karim highlights the lack of friction. He also insists on the fact that users enjoy the fact that simulations look like targeted spear-phishing attacks, with a great variety of scenarios. As for the cybersecurity awareness module, he appreciates the quality of the courses and the fact that they cover the broad scope of cybersecurity basics.
As Lifen’s CISO and the administrator of the tool, Karim can compare (and note the differences) with tools he has seen used in the past where a person was dedicated exclusively to the creation of a given scenario and the batch sending of a simulation. In these cases, the simulation was received by everyone at the same time without any real personalization, thereby greatly decreasing the effectiveness and realism of the simulation.
He tells us he’s never fallen for one of our phishing simulations, even if - by his own account - “a Notion simulation almost led me to click, it was very credible”. It’s going to be a little challenge for Mantra’s teams in charge of product to create a scenario that will succeed in tricking him 😉