– 1 800 pairs of security eyes is better than ten.

Storebrand has chosen Secure Practice to help employees with safe handling of suspicious emails. Bjørn Richard Watne (CISO) says the solution greatly helps both preventive and operative security.

– This way, our company receives hundreds of new security eyes, which enable us to detect a lot more of what goes on at any time, and the security can be accordingly close to the action when something happens.

– We really like how Secure Practice allows colleagues help each other in a simple and visible way, continues Maja Charlotte Otnes, who is Risk & Security Manager at Storebrand.

She has led the work with establishing the service inside the enterprise, and describes how Secure Practice both simplifies and improves the handling of suspicious emails in the employees' inboxes.

– It is much more effective for us when Secure Practice can give the user automatic feedback on results from the analysis, and we see that users appreciate this. In addition, we get all data very accessible when we do our own assessments, and the automation helps us make the assessments much more efficiently. This way, we can put a priority on relevant mitigation efforts, instead of spending time on processing every single email manually, says Otnes.

Market leading user experience

Previously, Storebrand had implemented a manual process for reporting emails, where the degree of reporting and data quality to a great extent depended on the individual users' IT skills.

– Most people tried to simply forward the email to notify about something suspicious. This however caused us to miss out on important meta data data about origin and email sender, which is essential for further analysis and implementation of effective countermeasures, Otnes explains.

From an internal end-user survey, she can tell that with Secure Practice in place, people have a really positive experience with being able to check emails quickly, including the opportunity to ask for further feedback, if necessary. The amount of reported incidents related to suspicious emails has in addition increased significantly.

– Secure Practice offers a holistic solution with a great end-user experience, says the risk and security manager.

Key piece in the security puzzle

With more than € 100 billion in managed capital, the Storebrand group is a leading actor in the Nordic market for long term savings and insurance. As a consequence, the company's employees in both Norway and Sweden become attractive targets for cybercriminals.

– We see that email is the most frequent attack vector against us, in addition to the wide application and attack surface for the entire group, says Bjørn Richard Watne.

He points out that spam and virus filters are only as good as their last update, and that the security department works continously with awareness and following up on all employees.

– Security is a collective responsibility at Storebrand. We find it exciting how Secure Practice combines a more traditional form for protection and reporting, with the opportunity for integrated training of employees on information security, Watne continues.

Enabling technology collaboration

The MailRisk service is delivered in collaboration with a managed security services provider (MSSP), who already operates a 24/7 security monitoring service for Storebrand. The MSSP has further developed an integration between Secure Practice and their own security platform, which enables further automation and mitigation.

Maja Charlotte Otnes has expectations to this collaboration going forward, and is happy to see innovation within this important area.

– It is exciting to see the puzzle coming together. Email is in one way very simple, yet at the same time a complex attack vector to protect an entire organization against. We cannot only think about the technical solutions and people separately, both need to be aligned, she concludes.

Sector Financial services
Revenue € 3 305 Million (2018)
Employees 1 800


«A holistic solution with a great end-user experience»


Simplifies and improves: Bjørn Richard Watne and Maja Charlotte Otnes at Storebrand explain how Secure Practice offers efficient management of the most used attack vector against the enterprise.

– 1800 pairs of eyes on security is better than ten

Financial services company Storebrand has chosen Secure Practice to help employees with safe handling of suspicious emails. Bjørn Richard Watne (CISO) says the solution greatly helps both preventive and operative security.

Read customer story →

– MailRisk helps 50 times more people with suspicious email

Compared to the previously manual helpdesk process, more than 50 times as many cases are now handled with MailRisk for quick and frictionless analysis and reporting across a large customer base, with overall approximately the same effort.

Read customer story →

– The collective benefit is significant to us

Chief information security officer (CISO) Vigleik Hustadnes at energy and communications company Tussa, says that employee awareness and security culture is an important focus area for their security work, and that Secure Practice is a good match for their organization.

Read customer story →

Human security sensors ebook cover

Ready to get started?

We have written a guide for you to get started with human-centered security. Access our free resource now, and learn:

  • How to nurture drivers for employee engagement
  • How to avoid common obstacles for reporting
  • Practical examples and steps to get started

Download free PDF →