How wall-to-wall training certificates became the ultimate measure of security awareness success

25-Year Established MSP

This established MSP has been serving small to mid-sized businesses for over 25 years. Their cybersecurity philosophy centers on simplicity: keep solutions straightforward to encourage genuine client engagement.

“So many cybersecurity and compliance offerings are so complex and require too much dedicated time and resources on the client’s end,” explains Ryan, their team lead.

This principle of practical simplicity would prove essential when they discovered that traditional security awareness training platforms were creating barriers instead of solutions.

When a purchased platform never sees the light of day

“The failure to launch our other solution was due to the administrative overhead it would have added on our end, as well as a lack of engagement from the client.”

This MSP had already invested in a traditional cybersecurity awareness and phishing training platform. Despite their 25 years of implementation experience, they never successfully launched it to their client base.

The roadblocks were insurmountable:

• Configuration complexity: Endless time spent setting up and scheduling campaigns
• Technical hurdles: Constant whitelisting and delivery tuning issues
• User friction: Clients’ employees struggling with account creation and login management
• Platform instability: Persistent bugs and technical problems requiring ongoing support
• Client pushback: Leadership resistance to “catching” employees and managing the negative fallout

“Between configuring and scheduling the campaigns, whitelisting and tuning of phishing testing delivery, having the clients’ users create and remember their accounts for the platform, bugs/issues with the platform itself, etc., it was just overwhelming.”

The team found themselves testing other solutions, but discovered the same pattern: platforms that demanded extensive administration from MSPs and complex engagement from clients.

Discovering true automation with CyberHoot Autopilot

“When I found CyberHoot, the immediate appeal was that it requires almost no administrative overhead on our side.”

After their failed launch experience, the MSP began testing alternatives. CyberHoot stood out for two fundamental reasons:

• Genuine automation: Unlike competitors requiring constant management, CyberHoot needed minimal ongoing work from the MSP team.
• Educational approach: Instead of “catching” users with phishing simulations, CyberHoot focuses on teaching through positive reinforcement – an approach client leadership actually wanted.

The implementation requirements were refreshingly simple:

• Almost no administrative decisions needed from the MSP
• Only two pieces of information required from clients: start date and manager for reports
• No whitelisting concerns for phishing training delivery
  Seamless Microsoft 365 integration for their client base

“A big appeal was the phishing training based on education, NOT by tricking the users into falling for phishing attempts, which we anticipated would be received much better by clients’ leadership.”

From zero administration to maximum engagement

“You can’t get much more efficient than having to do absolutely nothing!”

The transformation was immediate and comprehensive:

Complete operational efficiency: “We no longer have to spend any time at all administering a client’s SAT with CyberHoot. Our service desk team doesn’t have to add users, remove users, schedule campaigns, or review and schedule training courses. Everything is automatic.”

Virtually elimination of support issues: “We very rarely open any tickets from clients related to CyberHoot. We have received maybe 2 questions total, the entire time we’ve had the platform deployed.”

Unexpected client enthusiasm: The true measure of success came from a longtime client who demonstrated genuine engagement in a memorable way:

“We had a long-term client (20+ years), who typically doesn’t engage with us much, where we found their users were printing out every single CyberHoot training certificate from every video and phishing training assignment. They were all hanging them up in their cubicles, filling up every wall with CyberHoot certificates, seeing who had the most.”

Business transformation: “Without CyberHoot, we likely would not have launched a security awareness training and phishing training product for our clients.”

Exceptional ROI: “CyberHoot is incredible value. It’s so inexpensive that it essentially eliminates all budget concerns for having a security awareness and phishing training platform. That combined with the very limited administration and deployment steps makes it an absolute no-brainer and likely the highest ROI product in our entire stack.”

The platform’s success has enabled business growth, with their new sales team now actively running CyberHoot campaigns to increase adoption among existing clients.

Partnership that delivers: “CyberHoot takes feedback seriously. Even if it’s something that takes a long time for them to research and test, you always hear back. The product has become better, hopefully due to some of our own feedback over the time we have been using it.”

For other MSPs considering CyberHoot, Ryan’s advice is strategic: “Sell the value of CyberHoot’s unique solution, not the solution itself. Talk to clients about education-based phishing training and the benefits over the ‘we caught you’ method. Ask them which method seems like employees would appreciate and engage with more. This makes the solution sell itself and sets you apart from other MSPs.”