Schmitt + Sohn Aufzüge

Organizational Challenges Before KnowBe4

Before KnowBe4, Schmitt + Sohn Aufzüge relied on internally developed IT security training and occasional phishing tests conducted with external partners. However, limited internal resources for continuously updating and expanding content led the organization to seek a more comprehensive platform.

The organization’s security culture previously relied on employees maintaining their knowledge through occasional training sessions and phishing tests. However, the content was rarely updated and no supplementary training resources were provided.

Extensive Training Library and Multilingual Support Driving Factors for Choosing KnowBe4

Christian Halm, Team Leader IT Operations and Workplace Management at Schmitt + Sohn Aufzüge, got to know KnowBe4’s HRM+ platform during a presentation by his partner CyProtect, a system integrator for cybersecurity, at an industry conference. “KnowBe4’s extensive training library, multilingual support, and the ability to independently run phishing tests and awareness training impressed the organization to such an extent that no other providers were considered,” Halm says.

This strong initial impression was further solidified through coordination within the IT department and a careful evaluation of the cost/benefit factor, ultimately leading to the decision to use KnowBe4, as the product perfectly matched the organization’s requirements for content and usability. The implementation process was seamless: an IT department employee integrated the system with Active Directory and an initial optional learning campaign was developed and announced via intranet. Soon after, employees were able to access the platform and start their training.

Employee Acceptance of Security Grew

Across one year, all 2,200 employees are actively participating in the security awareness training program. This year, five to 10 simulated phishing tests are scheduled in addition to regular training sessions. Employee feedback on the product and training modules has been overwhelmingly positive — awareness of potential cyber threats has significantly improved, and acceptance of regular security measures has grown noticeably.

“Implementing KnowBe4 has significantly enhanced the organization’s security infrastructure. The ability to conduct phishing tests in-house, without relying on external service providers, has resulted in substantial cost savings,” Halm says.

Mandatory Learning Campaigns and Increased Phishing Tests for the Future

Looking ahead, the organization plans to roll out a mandatory learning campaign for all employees and increase the frequency of phishing tests. The IT department anonymizes the results of these campaigns and shares them internally to keep everyone informed about the ongoing progress in security awareness and how it’s helped to improve the organization’s security culture.

The organization’s leadership would recommend the platform to others, as it has sustainably enhanced corporate security and boosted employees’ security awareness.

“In a world increasingly dominated by cyber threats, the well-designed security awareness program has proven to be indispensable and strengthens the human element to increase the overall security posture of our organization,” Halm says.

Download the PDF