Welcoming SoSafe as an HSD Premium Partner
SoSafe recently took the plunge and became a premium partner of Security Delta (HSD). This security awareness platform serves 1.7 million users in 30 languages, and recently opened an office in the Netherlands. To find out more about what they do and what their dreams for the future of security are, we spoke to Bas van Erk, Director Benelux & Nordics for SoSafe in his Amsterdam-based office.
Can you describe SoSafe and its activities?
85% of cyber breaches start with the human factor but 80% of employees do not feel sufficiently forewarned or trained. SoSafe helps organizations address this problem with a cybersecurity awareness solution: Based on behavioral science and learning psychology, employees receive trainings with regular learning content as well as phishing simulations that help them to identify cyber threats and react accordingly. At the same time, the management can access the risk on a daily and data-driven scale: They can measure the likelihood that their employees would click on or interact with a phishing mail, take the appropriate action to avoid being the next victim of a cyber attack and limit the risk in a sustainable way. Our data shows that after one year, click rates can be reduced by 70%, and interaction rates by as much as 80%.
SoSafe is growing very quickly compared to its competitors. Why do you think that is?
At SoSafe, we are approaching security awareness from a people-focused perspective. One of our founders, Niklas Hellemann, is a psychologist and is driving this perspective across the company. Therefore, our product is based on behavioral science and learning psychology whilst working very data driven. We are using strategies like gamification, micro-learning or nudging which show significant improvement in the reportings of our customers. Our team consists of experts in this field as well: in our product team for example, more than 30 percent have a background in social science. This sets us apart from our competition. After establishing our market leadership in the DACH market, we are therefore currently growing across the European markets.
What kind of businesses and organisations are you working with?
Cyberattacks are seen as the biggest business threat of our time, and thus cybersecurity is a topic for every organisation, across all industries. Therefore, our customers vary from multinational companies to small and medium-sized companies, including the public and the private space.
What led you personally to champion this cybersecurity cause?
A friend of mine runs a family company with his wife, and they were hacked a while ago. That’s the first time I saw the impact that a cyber-attack can have, not just on the company, but also on a personal level. I was there for the negotiations, the recovery process, the uncertainty they went through, all of it. What this does to people within a company, the impact, is much heavier than I anticipated. That really opened my eyes to the human component in cybersecurity.
What would you say SoSafe adds to the security cluster?
I think we add a range of things. Our expertise in security awareness and behavioural science brings a lot a value to the current discussions around social engineering. We also see that many companies within the cluster are mostly focused on the technical aspects of cyber security, whereas we exclusively focus on the human factor. We have a lot of knowledge to share on this subject and are also looking forward to be learning from our peers in the cluster. As Joris den Bruinen (Director of HSD) said: ‘It’s not just within the cluster, but around it as well.’
Are you looking for other specific collaborations within the HSD cluster?
We want to contribute to the discussions around cyber security and especially security awareness and support in any projects that result from these discussions. Additionally, we are looking for channel partners as well as partners for knowledge sharing. We’re relatively new to the Dutch market, so we’re still looking for partnerships to collaborate with. In a nutshell: our approach is innovative, and we want to enable people to feel save in the increasingly connected and digitalized world.
We are keen to exchange ideas with everyone who aims for the same. Additionally, I think it’s important to build something local to avoid becoming entirely dependent on large corporations from the US, for example. Especially in the context of data privacy, with regards to GDPR, this can be tricky in certain cases.