From Human Risk to Proactive Defence: How a Creative Consultancy Reduced Cyber Threats with Awareness Training

Our client is a creative consultancy within the AEC sector, working with sensitive client data across multiple collaborative projects. With staff under constant deadline pressure, leadership identified the need to reduce the human risk factor in cybersecurity.

Industry: Creative and AEC

Organisation Size: 30–60 staff

Service Areas: Cybersecurity Training, Risk Management, Policy Compliance

‍

Although technical protections such as firewalls and antivirus software were in place, employees lacked awareness of common cyber threats. A near-miss phishing incident highlighted the vulnerability of project data to human error. The firm required a structured programme to raise awareness, monitor risk, and reduce the likelihood of credential theft or data breaches caused by user behaviour.

We implemented the Cyber Awareness and Training Suite, providing an integrated, cloud-based platform for continuous risk management:

• Security awareness and compliance training tailored to each user
• Automated phishing simulations with performance tracking
• Dark web monitoring to detect exposed credentials
• Policy governance tools to track employee acknowledgements
• Real-time risk scoring and training adjustments based on individual results

‍

After three months, the business saw measurable improvements in employee awareness and risk reduction:

• Significant drop in phishing simulation click-through rates
• Full completion of training modules across all staff
• Identification and remediation of compromised credentials
• Clear audit trail for compliance and policy management

‍