RoSPA chose ramsac to help with cybersecurity awareness and training their staff through phishing email testing.

Who are RoSPA? 

The Royal Society for the Prevention of Accidents (RoSPA) is an organisation that has been working towards the vision for life, free from serious accidental injury, since 1916. For 100 years, RoSPA has been quietly working behind the scenes to change both legislation and attitudes surrounding accidents. From the compulsory wearing of seatbelts and the campaign to stop drink driving, to the Cycling Proficiency Test and to the more recent ban on handheld mobile phones behind the wheel, RoSPA has been instrumental in shaping our society for the better, preventing millions of deaths and serious injuries along the way.

Cybersecurity challenges

Cybercrime is an important issue for all organisations and RoSPA decided to proactively train their staff to be able to recognise and not fall victim to malicious emails also known as phishing emails.

In 2018, 76% of business were reported to fall victim to phishing attacks according to Proofpoint.

So, spotting phishing emails is a particular point of weakness for many organisations.

Phishing awareness service

RoSPA subscribed to ramsac’s phishing awareness service. The service sends random simulated phishing attacks, ensuring that every user at RoSPA receives a very realistic phishing email at least twice a year. The emails mimic phishing emails from well-known brands such as LinkedIn and Microsoft, and If the user clicks on a link, they will be taken to a safe web page, that highlights what they have just clicked on and offers them an immediate online training session on how to spot attacks in the future. RoSPA are then sent a report, detailing who did and didn’t click on the link and who has completed the online training. Helping them to identify training gaps and possible points of cybersecurity weakness.

Protecting RoSPA’s data

RoSPA understand they have an obligation to protect the data that is in their possession as well as educate their staff on how to identify phishing attempts. RoSPA knows that cybersecurity is not just a problem for those higher up in the business, it is an issue that needs to be addressed by everyone in the organisation. David Ewing, Executive Head of IT for RoSPA commented “We deal with a lot of data in our company, so it is important that we get it right when it comes to training our staff. We have a responsibility to continually educate our staff regarding the latest scams that exist, and which pose a genuine threat to both our business as well as personal/private data”.

ramsac team members 20211019 220132.min

Benefits of the Phishing Awareness service

With the phishing tests that ramsac have provided for RoSPA as part of their cybersecurity routine, the organisation has seen improvements in protecting data. David Ewing commented “All of our employees, at all organisational levels, were involved in the phishing tests and with some very surprising results! We have seen a noticeable increase in fraud awareness, legitimate scepticism and IT Support enquiries from colleagues when handling unsolicited and/or unrecognised e-mails”.

“ramsac have been a pleasure to deal with so far and have been professional, supportive and pro-active in their preparation of our regular phishing tests. We would recommend ramsac as they have helped to change our employee mindsets, produced some valuable lessons-learned and will continue to keep us all ‘on our toes’ for when the next phishing tests arrive”.

David Ewing, Executive Head of IT for RoSPA

Quiz yourself

Are you more cyber savvy than an 11 year old?

11-14 year olds get asked these questions in school. Could you get these right?