June 2024

‘Exceptional, in a Bad Way’ – How Groupe Le Monde Fixed a 66% Phishing Vulnerability

Benjamin Netter Riot CEO
Benjamin Netter

As one of the world’s most trusted names in journalism, Groupe Le Monde faces constant cyber attacks. As Chief Technology Officer Sacha Morard says, the company is “a prime target for those who want to harm us, and harm democracy”.

So, how does Groupe Le Monde stay safe in the face of phishing attacks and other threats? It all starts with learning from previous security challenges.

A big wake-up call: How Groupe Le Monde got phished

In recent years, media institutions have faced greater cybersecurity challenges than ever before. And unfortunately, in 2015, Groupe Le Monde suffered a major phishing attack.

“The attackers targeted several mailboxes,” says Olivier Dumons, journalist and Chief Information Security Officer. “A number of people were tricked, including some in sensitive positions.”

As a result, hackers seized the newspaper’s social media accounts and publishing platform. While the company regained control soon after, the experience was a big wake-up call. Sacha and Olivier knew they had to do more to strengthen their level of shared protection.

Groupe Le Monde Riot Case Study

“We started working with Riot after that,” says Sacha. “We launched a phishing test campaign about a fake restaurant ticket payment card on April 1st, as a bit of fun.”

“The result was exceptional, but in a bad way,” explains Olivier. “Of those who received the test email, two-thirds opened it. A large proportion also divulged their login details.”

So, how did Groupe Le Monde bounce back from this 66% phishing vulnerability?

Learn more: ‘There’s No Blah Blah’ – How InfoLogo Protects SMEs with Focused Cybersecurity Training

Combining phishing simulations with tailored training

These simulation results might have been concerning, but they gave Olivier and Sacha a sense of the vulnerability to phishing attacks within Groupe Le Monde. With this baseline, they could start improving their level of shared security with tailored awareness training.

“Riot doesn’t just offer a platform to run phishing tests,” says Olivier. “It also provides support afterwards to ensure that learning feels natural.” By testing people first, Olivier could get a sense of who needs extra training, and who is already responding to phishing threats safely.

Riot Phishing Simulation

As Sacha explains, this training is not only effective, but easy to set up. “The interface to launch interactive training courses for our users is hyper-simple. When we see how effective these awareness campaigns are, we’re delighted to have been able to work with Riot.”

Staying humble in the face of evolving cyber threats

On top of running ongoing phishing simulations and tailored awareness training, there’s one more thing that helps Groupe Le Monde to stay safe from cyber attacks: staying humble.

“One of the first tricks in cybersecurity is not to believe that you’ve done everything right and implemented everything well,” says Sacha. “We still have an enormous amount of progress to make. We’ll be counting on Riot to help us do this.”

Today, Riot is helping 1,000+ companies around the world to stay safe in the face of phishing attacks, AI-generated deep fakes, and other threats. We do this with our cybersecurity coach Albert, who delivers immersive training in quick, impactful sessions people actually enjoy.

Keen to learn more about how Riot can help your team stay safe in the face of today’s biggest cyber threats? Talk to one of our experts today.