How Apex Financial Reduced Phishing Incidents by 73%
A Fortune 500 financial services firm transformed their security culture with TIDALBAY's real-time risk scoring and automated training.
Key Results
73% reduction in successful phishing attacks
89% employee engagement with security training
4.2x ROI in first year
< 3 minutes average time to report threats
73%
reduction in successful phishing attacks
89%
employee engagement with security training
4
.2x ROI in first year
< 3 minutes average time to report threats
The Challenge
Apex Financial Group, a Fortune 500 financial services company with over 15,000 employees, faced a growing threat from sophisticated phishing attacks. Despite investing heavily in email security tools and annual compliance training, employees continued to fall victim to social engineering attacks.
"We had all the technical controls in place, but phishing emails were still getting through, and employees were still clicking," explains James Mitchell, CISO at Apex Financial. "Our annual training wasn't changing behavior—employees would complete it and forget everything within weeks."
The challenges were compounded by:
- Regulatory pressure: Financial regulators increasingly scrutinized human security controls
- Remote work: Post-pandemic distributed workforce made training and monitoring more difficult
- Targeted attacks: Spear-phishing campaigns specifically targeted executives and finance teams
The Solution
Apex Financial implemented TIDALBAY's employee security scoring platform to create a continuous, data-driven approach to human security.
Real-Time Risk Visibility
TIDALBAY integrated with Apex's existing security stack—Okta for identity, Microsoft 365 for email, and CrowdStrike for endpoints—to aggregate security signals and calculate real-time risk scores for each employee.
"For the first time, we could see who our highest-risk employees were and why," says Mitchell. "It wasn't just about who clicked on phishing simulations—we could see the complete picture of security behavior."
Automated, Personalized Training
Instead of one-size-fits-all annual training, TIDALBAY automatically assigned targeted training based on each employee's risk profile:
- Employees who clicked phishing links received immediate micro-training
- Those with weak password hygiene got credential security modules
- High-risk employees received additional coaching and monitoring
TIDALBAY Coach
The deployment of TIDALBAY Coach provided real-time security guidance when employees encountered suspicious content. When an employee received a potential phishing email, Coach highlighted the warning signs and provided one-click reporting.
Results
After 12 months with TIDALBAY, Apex Financial saw dramatic improvements across all security metrics:
73% Reduction in Phishing Clicks
Real phishing attempts that previously succeeded dropped from an average of 18 per month to just 5. More importantly, employees began reporting suspicious emails at 3x the previous rate.
89% Training Engagement
Unlike the 40% completion rate for annual training, micro-training modules assigned through TIDALBAY achieved 89% completion within 48 hours. Employees found the relevant, just-in-time approach more valuable.
Faster Threat Response
Average time to first report of a phishing attempt dropped from 45 minutes to under 3 minutes. This enabled the security team to block threats before they spread.
4.2x ROI
When accounting for reduced incident response costs, avoided breach expenses, and efficiency gains from automated training, Apex calculated a 4.2x return on their TIDALBAY investment in year one.
Key Takeaways
James Mitchell shares the lessons learned from Apex's transformation:
"The biggest shift was moving from annual compliance to continuous improvement. TIDALBAY gave us the data and automation to make security awareness an ongoing program, not a yearly checkbox."
Success Factors
- Executive sponsorship: The CEO publicly committed to improving security culture
- Transparency: Employees could see their own scores and understood how to improve
- Positive reinforcement: Top performers were recognized, creating healthy competition
- Manager involvement: Department heads received risk reports for their teams
Looking Forward
Apex Financial continues to expand their use of TIDALBAY, recently adding integrations with Slack for real-time coaching in collaboration tools and implementing advanced ML-based anomaly detection for their executive team.
"Human risk management is now a core part of our security strategy," concludes Mitchell. "TIDALBAY gave us the visibility and tools to actually change behavior, not just train and hope."
Ready to achieve similar results? Request a demo to see how TIDALBAY can transform your organization.
Ready to achieve similar results?
See how TIDALBAY can transform your organization's security posture.