Case Study: Penn National Gaming cuts employee phishing susceptibility from 20% to 2% with Infosec IQ

How Penn National Gaming combats phishing with Infosec IQ

Penn National Gaming, the largest domestic casino and hotel operator in the U.S., faced widespread email-based threats like phishing and business email compromise across its 16,000 employees. To address this, security analyst Marc Puhala evaluated nearly 20 platforms and selected Infosec’s Infosec IQ — including PhishSim and AwareEd — deploying roughly 4,000 learner seats to build a scalable security awareness program.

Using Infosec’s tools, Penn National implemented role-based training, monthly PhishSim simulations, targeted remedial AwareEd courses, and ongoing reporting plus communications (newsletters and manager meetings). Infosec’s solution drove measurable results: employee phishing susceptibility fell from 20% to 2%, reporting of suspicious emails increased, and the program provided data to continuously refine training.

Penn National Gaming

Marc Puhala

Security Analyst