Theodo

Theodo partners with customers (large companies, scale ups) to develop on-demand digital solutions that are tailored to their needs. Given its role as a trusted partner on strategic issues, it’s paramount for Theodo to ensure its cybersecurity in order to avoid being a potential entry point for an attack on its clients, or to avoid the leak of sensitive data. 

Guillaume Michel, Engineering Manager at Theodo, was acutely aware of the risk associated with the human factor and of the propensity of hackers to exploit this vulnerability. This led him to pick Mantra to train his colleagues in order to help them detect phishing attacks through simulations mimicking real-life conditions. Even though Theodo’s teams were aware of cybersecurity topics, a first demo simulation campaign underscored the importance of this training.  

“A good example of how Mantra has helped us is with a C-level user who was frequently targeted with spear-phishing attacks and who regularly clicked on them. Now he reports the attacks to the IT teams” illustrates Guillaume. ‍

A much-appreciated automated approach

Guillaume greatly appreciated the ease with which Mantra’s simulation tool was deployed at Theodo. He highlighted the speed of deployment and the few steps required for the simulation engine to be up and running. During this process, Guillaume was accompanied by a dedicated team at Mantra to ensure things went smoothly. 

From a day-to-day perspective, Guillaume’s job is facilitated by the hands-off, automated approach to simulation Mantra provides: his team doesn’t have to spend time crafting templates or sending them as the engine takes care of this for them. 

Putting people at the heart of the issue

“As soon as we were up and running, Theodoers were immediately in the thick of it as they were confronted with real-life simulations” states Guillaume. This was one of the main reasons Guillaume had chosen Mantra’s phishing simulation solution: to train his employees with the same attack profiles as the ones hackers could use. 

He has had great feedback from Theodo’s teams regarding the quality and variety of the simulations run (scenarios, payloads, visuals). He believes these are necessary in order for users to develop an internal cybersecurity culture. 

Concrete results

Theodo has seen some real-life improvements in terms of the behavior of its employees when receiving both simulations and actual phishing emails. This is due to the fact that they have gotten familiar with reporting threats and also because Guillaume and his team have been able to identify users who required additional, tailored training based on their individual progress. 

“Our teams got used quickly to using the threat reporting button”, Guillaume tells us, and this has helped Theodo divide its click rate by 3.5, with the ultimate goal of continuing the improvement of this indicator.  

Why Theodo chose Mantra

For Guillaume, there are 3 main reasons to explain his choice of Mantra as Theodo’s partner in phishing awareness: first, he was impressed by the quality of the simulations during the demo campaign. Second, the ease of operational deployment of the engine was definitely aligned with his objectives. Finally, the gamification approach Mantra has chosen to drive home important cybersecurity best practices convinced him this was the best option to effectively and lastingly change behaviors.

This was important because the digital awareness of Theodo’s teams did not provide a sufficient safeguard against phishing attacks, which made additional action necessary given the projects Theodo works on for its customers. 

In conclusion, Guillaume would clearly recommend Mantra. He’s a promoter of the solution which, according to him, is helping Theodo protect itself from spear-phishing attacks.