How Rieker builds cyber-resilience with Sofie, the AI-powered copilot

Rieker Gruppe manufactures shoes and bags for men and women to around 6,000 independent retailers globally. In 2021, a third party audit process recommended a more robust cybersecurity solution be rolled out to their workforce of 22,000. SoSafe partnered with Michael Zimmermann, IT Security Analyst, to help Rieker build and maintain cyber-resilience across the organisation.

An overloaded support team was buried in level zero support tickets, hindering focus on employee engagement. To ease workloads, Michael integrated Sofie-the AI powered conversational bot- and built a culture of awareness that engages all users, regardless of role or position in the company. This is their journey.

Security that speaks human

An email security incident triggered the creation of Michael’s role to mitigate future threats and build a company-wide culture of vigilance. Michael knew that as an administrator, he could adapt to any tool. But the user was the most important factor when evaluating potential solutions.

“SoSafe stood out amongst its competitors. The products were innovative, user-friendly and engaging, and I was curious as to how much difference we could make with an AI integration.”

The Rieker organisation is spread out across 6 continents, with a vast production site in Vietnam. To train existing employees and constantly onboard new team members was not sustainable.

Crucially, the solution had to be compliant with stringent data regulations in multiple countries. For Rieker, SoSafe was the solution, and they rolled out the full suite of products including; Human Risk OS, Sofie, Personalised Micro-Learning and Multi-Channel Phishing Simulations.

“When I mentioned SoSafe to the auditing company, they were very happy that we were making the right moves. And this was very reassuring.”

Burn-out was top of mind for Michael, who saw that the security team were buried in support tickets and repetitive queries. Sofie, the AI-powered conversational bot, helps users by answering common security questions using a company’s knowledge base. Rieker integrated Sofie into its existing support ticketing system to deal with level zero support.

Sofie intercepted  frequent queries like forgotten passwords and phishing detection, with an immediate impact on IT hours.

Michael described, ‘we have a phishing button and a knowledge base, but employees do tend to raise alerts via chat or email. Sofie intercepts and makes quick recommendations, raising awareness among employees and easing the load on the wider team.”

By reducing level zero support via Sofie, Rieker saw an instant 30% productivity improvement for the security team. But even more, they could now focus on the data generated by SoSafe analytics. For example, analysing phishing simulations that prompted the most clicks to uncover how and why employees lowered their vigilance in the moment.

SoSafe Multi-channel Phishing Simulations, a suite of multi-channel social engineering experiences, adapts to employees’ specific roles, skills and behaviours to better prepare them for real-life threats while reducing operational burdens.

Michael recalled a SoSafe phishing simulation pertaining to payroll that generated a 30% click-rate—very high for Rieker. “I wanted to understand why people click. With SoSafe we could look inside and pinpoint the topics that motivate employees.”

How did they use this to improve? They shared these insights cross-functionally with the goal of reducing employee anxiety on certain topics. And it worked. Communications around payroll were made more transparent and click-rates continued to decline.

Rieker’s human-centric approach flipped the narrative from blame to empathy. Something Michael knew would make a difference in improving awareness holistically.

But what about the day-to-day training?

SoSafe’s Personalised Micro-learning is built on behavioural science and designed to adapt. It delivers ready-to-use, bite-sized cybersecurity training that fits into daily workflows.

Each user receives a personalised learning path tailored to their needs, keeping content relevant, and engaging. Gamification adds challenge, recognition, and momentum.

Choosing their own learning paths gave employees a renewed energy in completing what was previously viewed as a static and laborious training task at Rieker.

“I had some users who loved the gamification, and others who were not as keen on those aspects but, after seeing the data that the simulations generated, completely understood the value of this approach.”

Lunch-and-Learn sessions delving into behavioural trends prompted discussions amongst varied roles across the organisation and raised awareness on the importance of cyber resilience.

“Many users asked me how to get this training for their family and friends which really demonstrated a deeper understanding.”

Company-wide transparency and collaboration at Rieker saw click-rates fall from over 20% during the initial POC, to 12%.

It’s about more than a click

More autonomy prompted higher engagement rates with 90% positive feedback for the SoSafe products. More user data unlocked more insights and higher awareness amongst Rieker employees of how to identify and mitigate threats.

“Discovering that 80% of the employee base are already ‘cyber heroes’ allowed us to focus on how we improve the remaining 20%. That was a crucial step in our human risk management,” says Michael.

So what makes a cyber hero? And how do you capture those repeatable behaviours? At Rieker, you continue to centre on the user, analysing behaviours to build that picture of resilience, not forgetting those common slips that make us all human.

Because, as Michael highlights, “It is not just about the click. That is the first step. What you really want to know is what is happening after the click. This is not something you can see with other solutions.”

SoSafe lets you know. Multi-Channel Defense extends your security perimeter beyond email with targeted smishing simulations, protecting your workforce across every digital touchpoint and exposing interaction rates after the first click.

One phishing attempt at Rieker began with an email leading to a fake Excel overlay and Microsoft login page. Two employees clicked. “Of course, at that moment I didn’t care if they were clicking or not. What I cared about was where they were interacting.”

With SoSafe knowledge on Rieker interaction rates at 50%, Michael could predict that at least one employee would be clicking inside a fake website and take steps to shut the incident down and guard against future threats.

Michael has a pragmatic view on cybersecurity. “Achieving 100% security is not possible. But with SoSafe we can focus on the human experience, and keep building a strong culture of awareness and vigilance.”

With SoSafe, you can ensure cybersecurity awareness is more than a once-a-year exercise. It becomes part of how your teams work, think, and respond – every day.