How SoSafe Multi-Channel Phishing Simulations reduced Scheuch support workloads by 97%
Achieving personalisation and scale in one platform with SoSafe.

97% reduction in time to complete personalized phishing simulations


Scheuch manufactures environmental technology and devices for industrial emissions reduction and climate protection. Their sustainable technologies create a clean planet for future generations that not only meet the current requirements of the industry, but have a positive impact on our environment. SoSafe worked with Gordon Shepherd, Team Leader Service & Infrastructure at Scheuch, to raise cybersecurity awareness through personalised learning paths.
Understanding how different people learn and absorb information is paramount in a workforce of 1,500 across multiple locations. Scheuch removed blame culture with a data-led approach to training to optimise their human firewall.
Security that couldn’t keep up
Hindered by their existing cybersecurity tool, the security team at Scheuch were struggling to move beyond designing simulations and reacting to threat reports.
A singular phishing campaign could take up to 20 hours of design, targeting, implementation and monitoring. This was not sustainable with multiple groups to educate, each needing a tailored challenge depending on their role and function.
With every new campaign, came a slew of support tickets as individual users raised alerts on the potential phishing attempt. This compounded over time, and the security team was buried in reactive manual tasks.
Gordon had considered other solutions, but decided it lacked proactive training and personalisation to really engage users.
SoSafe Personalised Micro-Learning provides ready-to-use, behavioural and science-based awareness training that adapts to evolving user needs. This allowed Scheuch to scale operations while educating employees and improving awareness.
As Gordon noted “People learn in different ways. Some like to read, and others prefer video or simply audio. I liked the SoSafe pre-prepared templates that let us quickly utilise different formats to tailor content.”

And what about language preference? A multinational workforce has a limitless combination of learning preferences. As Gordon explains, “If you have to consume a video that’s in English that tries to explain something to you regarding cybersecurity, but also have to read subtitles, and interact with something that is happening in the corner of the screen. It’s confusing, off-putting, and it does not feel personal.”
Generic training campaigns have a high risk of user drop-off, and Scheuch wanted the exact opposite for its employees. For this, and many other reasons, they chose SoSafe.
Taming the ticket tsunami
When a threat exists, you want users to react. At Scheuch, SoSafe’s Phishing Reporting Button lets users raise a level zero alert. This issued a ticket to the IT team, who used to run through a series of protocols to acknowledge, diagnose and mitigate.
The process was optimised for efficiency. With three response options to communicate with the user and let them know: this is a training, this is a real threat, or this email is safe. But with hundreds of tickets pouring in at one time, it was time consuming.
Sofie – the always-on human security copilot – now integrates with the Scheuch existing support ticketing system for a quicker process. Sofie automates responses to common security inquiries, speeding up issue resolution and reducing the security team’s workload.
As Gordon summarised. “If we use AI, it’s better for the IT team and it’s also better for the user because they get the information right away and don’t have to wait.”

Phishing gets personal
With less time battling tickets, the team can focus on educating and preparing employees for real-world threats. Modern attacks come in many forms, appealing to different personalities, backgrounds and roles. And crucially, they can appeal to someone’s desire to do their job well.
“The landscape is changing so fast. Every week brings new threats that we can spot in the IT department. We can’t expect our users to be aware of each new cybersecurity trend.” Explains Gordon.
SoSafe Multi-Channel Phishing Simulations – a suite of social engineering experiences that adapt to employees’ specific roles, skills and behaviours – lets you create campaigns that reflect realistic threats employees face daily.
As Gordon points out, the aim is to address specific risks associated with distinct users. Business unit, team function and job-role only scratch the surface in audience segmentation. Behaviour data in SoSafe lets you target phishing attacks to where a user is in their learning journey.
“I don’t want to create each and every phish from scratch. The SoSafe database lets us customise templates for teams or functions with very little time commitment. Instead of 20 hours designing a singular simulation, it now takes 30 minutes. And with behavioural data, we have the ability to control the level and frequency of training directed at each person in that team, based on their past responses and risk-level.”
Reduce the training for employees with low-risk parameters, and increase for those who need it the most. And most importantly for Gordon, remove the stigma associated with clicks.
“I’m not sending out phishing emails because I want to say, ‘hey, I’ve got another 90 of you and you’re stupid.’ Actually, it’s the other way around. I want to create a super great phishing e-mail that no-one clicks on. That’s my true aim, and we can only achieve that by teaching them where the risks are.”
Tech toys won’t help users

At Scheuch, they turned what many organisations see as a threat, into their biggest asset. By dissociating blame with human response, and working with the users most in need of cybersecurity training, they cultivated an open, progressive and safe environment to learn.
Gordon sums up the approach perfectly. “On the technical side, I can buy many toys for my IT department and we can build up a huge wall against all the bad people outside. But that is 30% of the risk. 70%, if you ask me, comes through the human layer. With SoSafe, we can arm our employees with the tools to spot and challenge constant cyber-threats.”
With SoSafe, you can ensure cybersecurity awareness is more than a once-a-year exercise. It becomes part of how your teams work, think, and respond – every day.