Case Study: Large U.S. Health Plan Company cuts phishing susceptibility by over 50% and frees IT time with Cofense PhishMe SBE

Health Plan Administrator Boosts Employee Resilience

Large U.S. Health Plan Company, a third‑party administrator managing benefits for about 75,000 members with roughly 130 employees, faced a serious phishing risk: many staff were clicking suspicious emails and exposing sensitive PHI. To both prevent attacks and educate users, the company chose Cofense and its Cofense PhishMe SBE immersive learning platform.

Cofense ran periodic, realistic phishing simulations, provided department-level dashboards and targeted follow-up training for repeat offenders; the results were measurable—clicks fell from 46 of 127 users (~36%) on the first simulation to 21 on the second (more than a 50% reduction) and have dropped to under 10% overall, with a goal of 1%. Implementation was straightforward, reduced IT remediation time, increased user reporting of suspicious emails, and delivered ongoing behavioral improvement thanks to Cofense.