Case Study: Employee Benefits Organization achieves 89% reduction in phishing susceptibility with Proofpoint Security Awareness Platform

Employee Benefits Organization Reduces Phishing Susceptibility by 89%

A regional retirement benefits organization for public employees sought better visibility into phishing risk and a way to reduce end-user susceptibility across different threat vectors. A baseline Proofpoint assessment showed a click rate just under 20%, and with executive and board buy-in the IT team set out to implement a comprehensive, organization-wide security awareness program to create measurable, long-term improvements.

Using Proofpoint’s ThreatSim phishing simulations, CyberStrength knowledge assessments, and role-specific interactive modules, the association ran quarterly tests with just-in-time “Teachable Moments” and auto-enrollment for remediation. Administrators used the SaaS platform to assign tailored training for IT, PII, and PHI groups and to track progress. Within 15 months the average click rate dropped from 19.8% to 2.1%—an 89% reduction—while audit performance, regulatory readiness, and reporting to stakeholders all improved.