Introduction
“Redflags by ThinkCyber provides Hyde with an effective, multi-channel approach to delivering security awareness, and it’s a vital part of their toolkit for protecting the organisation and their customers.
Meet Hyde
Hyde is a group led by a not-for-profit charity, that provides some of the most affordable homes in London and the southeast and has done so for almost 60 years. As a group led by a not-for-profit charity, we’re here for the good of our customers. They ensure people have a safe, affordable, and comfortable home to be proud of.
As part of their responsibility to the people they serve, they maintain stringent data security and privacy measures, making it essential to have robust tooling that educates their workforce and keeps sensitive customer information secure.
Hyde's large, diverse workforce, ranging from office-based staff to field technicians without dedicated laptops, posed a challenge for delivering consistent cybersecurity training. With operations that involve processing sensitive personal data, Hyde needed a solution that would enable effective, targeted security awareness across various user groups. As Nicholas Grbesa, IT Security Manager at Hyde, noted, “Colleagues need to be aware of their obligations and traditional methods, like paper-based policies, aren’t able to achieve behavioural outcomes alone, a multi-channel approach is what’s needed.”
Efficient, Non-Intrusive Security Training
Hyde began using Redflags as a tool to help realise this multi-channel vision. The platform allows Hyde to deliver relevant, targeted security training to different segments of the organisation at the point of greatest risk. Nicholas highlighted the value of Redflags’ approach, stating, “Having a multi-channel approach to security awareness is key, and Redflags fits right into this by delivering bite-sized content in a way that’s not invasive but effective.” This dynamic approach helps ensure that colleagues remain aware of security threats while continuing their daily work uninterrupted.
Through a sustained programme of regularly deployed campaigns, Hyde was able to reduce the link clicks in emails from unknown senders by 72.3%, which enabled correction of any lapses in behaviour and continued to embed safer online working practices.
Hyde has found the Redflags platform delivery method to be both efficient and unobtrusive. Rather than bombarding employees with excessive training materials, Redflags presents information in bite-sized chunks, in neat application overlays directly on a person’s device. These key messages and nudges are delivered at the moment of greatest risk so that safer behaviours can be followed without disrupting everyday workflows. These timely, concise stories have really resonated with Hyde’s employees. Every Redflags story – a short collection of informative cards shown on the desktop – that IT Security has deployed has a dwell time of over a minute, showing users find the content engaging and useful.
Educated Workforce, Stronger Defences
The ease with which employees could absorb information also translated into measurable improvements in security behaviour. Hyde observes fewer incidents associated with staff falling for phishing scams, as users are more educated on identifying and responding to such threats. Nicholas noted,
“We now have a more educated workforce. They’re aware of not only the most common attack techniques, like phishing and social engineering but also the latest attack vectors which makes a significant difference.”
Redflags has been an instrumental tool in enhancing Hyde Housing's security awareness strategy. The software’s ability to target specific groups with customised training, deliver content in a non-intrusive way, and encourage a positive security cultural shift within the organisation has made it a key part of Hyde’s overall cybersecurity tech stack. For Hyde, Redflags not only ensures compliance with data protection regulations but also empowers employees to be proactive in safeguarding sensitive information. As Nicholas summed up,
“Redflags provides us with an effective, multi-channel approach to delivering security awareness, and it’s a vital part of our toolkit for protecting our organisation and our customers.”