usecure Blog

The Mentor Group's Journey to ISO Compliance with usecure

Written by Kerryn Zendera | 27 September 2024 9:15

At a Glance:

  • ISO Audit Success: The Mentor Group's training strategy earned high praise for enhancing cybersecurity awareness during the ISO/IEC 27001 audit.
  • User Score Improvement: 34% increase in user scores after implementation.
  • Phishing Detection Enhancement: Average phishing compromise rate decreased by 29% in the first year.
  • Training Engagement: 94% course completion rate among employees.

 

About Mentor Group

Headquartered in the United Kingdom, Mentor Group is a leading sales enablement organization dedicated to driving transformation and growth across various sectors. With a diverse team of experts delivering tailored solutions in over 30 languages, Mentor Group is committed to generating tangible results for its clients.

The Challenge

To maintain the trust of their clients and become ISO/IEC 27001 accredited, Mentor Group faced the critical challenge of ensuring that all staff received regular information security training tailored to their roles and access levels. 

ISO 27001:2022, Annex A 6.3 requires that staff should get information security training that is relevant to their role, and Mentor Group had to show clients it could be trusted with their data.

 

Mentor Group needed a solution that not only delivered effective training but also provided insightful reporting to clearly demonstrate compliance during the audit.

James Barton, Chief Solutions Officer at Mentor Group, stated, “Our ISO auditor labelled usecure as the 'best and most comprehensive' human risk management solution they'd seen.”

The Solution

usecure offered the Mentor Group a comprehensive human risk management solution, integrating security awareness training, phishing simulations, and policy management into a single platform. The Auto Enrol feature allowed Mentor Group to automatically enroll all employees in core information security courses, simplifying administration while ensuring regular training delivery.

With usecure’s video-based courses taking just 5 to 10 minutes to complete and being trackable through comprehensive reports, Mentor Group could monitor employee progress effectively.

The automated phishing simulation tool, uPhish, further bolstered Mentor Group's training strategy. It enabled realistic phishing simulations, providing employees with practical experience in identifying and reporting phishing attempts in their email inboxes.

The Results

The ISO auditor’s feedback was overwhelmingly positive. During the audit, it became clear that Mentor Group’s use of usecure significantly enhanced their security awareness culture. Regular training led to:

  • User Score Improvement: Average scores increased by 34% after training.
  • Decreased Phishing Compromise Rate: The average rate dropped by 29% in the first year of training.
  • High Training Engagement: A remarkable 94% course completion rate indicated strong employee participation and commitment to learning.

Mentor Group's comprehensive approach, including bite-sized training courses sent every four weeks, not only improved employee knowledge but also contributed to a culture of vigilance regarding cybersecurity.

Key Takeaways

  • Regular, tailored training is essential for compliance with standards like ISO/IEC 27001.
  • Comprehensive reporting and user engagement are critical for demonstrating effective training programs.
  • Investing in a holistic human risk management solution can significantly improve security awareness and reduce phishing risks.

Get Started with usecure

Empower your organization like Mentor Group did. Explore how usecure's award-winning Human Risk Management solution can enhance your cybersecurity strategy.

👉 Want to see our human management risk platform in action? Book a demo today.