As the Chief Information Security Officer (CISO) of a well-established, multi-billion-dollar regional bank, our client is highly proactive in anticipating and mitigating security threats. Despite launching a highly successful training program and continuously educating his employees, the CISO sought additional measures he could take to reduce the number of cyber threats to the bank, particularly those targeting its endpoints and employees.
The threat landscape and the need for enhanced protection
As the bank has expanded over the years, so has its exposure to threats, and the CISO recognized the need to reduce the attack surface for social engineering risks.
“Somewhere around 90% of the breaches today stem from a phishing attempt or something along those lines entering an environment and someone inadvertently giving away their credentials,” the CISO explains. “We knew our employees were being targeted, and we wanted controls to mitigate these attacks and slow them down.”
“We started our social engineering training program ten years ago, and we regularly test our employees. We even give out awards to those who don’t click on phishing links and report suspicious activity. Our phish-click rate is less than 2% and approximately 70% of our employees report phishing attempts. We’ve done a good job of creating a security-minded culture, but that’s not enough,” the CISO continues. “It only takes one successful phish to cause a disaster. We knew we needed to do more.”
Finding a solution with Optery
The turning point came when the CISO’s CEO introduced him to Optery. Intrigued, the CISO decided to investigate further. “I researched Optery myself and thought, ‘If this can really do what it says, it could really help us.’
“We were particularly interested in protecting our long-term employees who have had the same email for many years and also our senior executives who have exposure through press releases and other public channels.”
The CISO understood that one of the most effective ways to combat social engineering attacks is to reduce the amount of exposed personal data available to attackers. Optery, with its unmatched personal data discovery and removal capabilities, offered the perfect solution. By minimizing the presence of employees’ personal information across data broker sites, the bank could significantly decrease the likelihood of its staff being targeted. And this is indeed what happened.
The benefits of Optery
Since implementing Optery, the bank has noticed a significant reduction in the volume of spam, phishing, and smishing attempts. “I’ve seen my spam emails decrease by about 50%, and spam phone calls have significantly reduced as well. I used to get those calls all the time, but not so much anymore. Other employees have noticed this impact too, along with far fewer phishing attempts targeting them. We know the product is working, and it’s hard to believe how much of an impact it has had. If we tried to do these removals manually, it would never get done.”
Beyond reducing spam and phishing attempts, the CISO highlights an unexpected gain from using Optery: protection against SMS-based impersonation attacks. “Our mobile phone numbers are a big part of our digital identity, and our CEO’s number has been spoofed many times. Optery has helped slow these impersonation attacks on our employees.”
The CISO was particularly impressed with Optery’s ability to uncover old personal information. “Optery found an address and phone number for me from 30 years ago when I was in the military. That kind of thoroughness is remarkable.”
Conclusion
For this proactive CISO, Optery has become an essential tool in the fight against social engineering threats. By reducing employee exposure and decreasing the volume of attacks, Optery has strengthened the bank’s security posture. As the CISO puts it, “I can’t say I’ve needed more than what I’m getting from Optery.”
With Optery’s ongoing support, the bank continues to protect its people and its assets.