Skip to main content
EducationSecurity

University Reduces Phishing Success Rate 90%

Private University
Raleigh, NC
800 employees
6 months
90%
phishing reduction
Started:Sep 2023
Duration:6 months
Completed:Mar 2024

The Challenge

Coastal Carolina University had suffered 5 credential compromises in 12 months, each leading to unauthorized access to student records, research data, or financial systems. The common factor: employees clicking phishing emails.

Simulation testing showed 35% of employees would click malicious links. Faculty, in particular, were resistant to security training, viewing it as an administrative burden interfering with academic work.

The university's cyber insurance was up for renewal with a threatened 50% premium increase unless security metrics improved.

Our Approach

1

Baseline Assessment

Month 1

Conducted initial phishing simulation and security culture assessment. Identified highest-risk departments and individuals.

2

Targeted Training Program

Month 2-3

Deployed role-based training for faculty, staff, and executives. Created short, relevant modules addressing specific risks each group faces.

3

Continuous Simulation & Reinforcement

Month 3-5

Implemented monthly phishing simulations with immediate just-in-time training for those who clicked. Recognized and rewarded reporters.

4

Culture Integration

Month 5-6

Embedded security awareness into onboarding, annual reviews, and department meetings. Created security champion program.

Solution Overview

Security awareness program including phishing simulations, targeted training, executive protection, incident response procedures, and ongoing reinforcement campaigns.

The Results

Phishing click rate dropped from 35% to 3%
Zero credential compromises in 12 months
Security reporting by staff up 400%
Achieved cyber insurance premium reduction

Business Impact

Cost Savings
Avoided 50% cyber insurance premium increase
Productivity Gain
400% increase in security incident reporting
Risk Reduction
90% reduction in successful phishing, zero compromises in 12 months

"Our people went from our biggest vulnerability to our first line of defense. The culture shift is remarkable."

D
Dr. Michelle Barnes, CIO
Private University

"Faculty used to complain about security training. Now they report suspicious emails proactively. Complete transformation."

D
Dr. James Wilson, Provost
Private University

Key Takeaways

  • Faculty engagement requires showing relevance to their work
  • Positive reinforcement outperforms punishment-based approaches
  • Short, frequent training beats annual compliance modules
  • Security culture change takes 6-12 months to embed

Key Outcome

90%
phishing reduction

Technologies Used

KnowBe4ProofpointMicrosoft DefenderAbnormal Security

Compliance Frameworks

FERPAGLBAState Requirements

Want Similar Results?

Let's discuss how we can help your organization achieve its goals.

Get Free Assessment

Industry Solutions

Education
View industry solutions

More Education Success Stories

Compliance

EdTech Startup Achieves FERPA Compliance

15new district contracts
K-12 Learning Platform
Denver, CO

Ready to Write Your Success Story?

Join the organizations that have transformed their security and infrastructure with PlatOps.

Book Strategy CallView All Case Studies
Get Free Assessment