VINCI is the world leader in the concessions, energy and construction sector. With headquarters in France, VINCI is renowned for its vast and diverse range of infrastructure projects and services. VINCI operates in over 120 countries, leveraging its expertise to undertake major construction projects including bridges, roads, stadiums, and skyscrapers. VINCI was a major partner behind the success of the 2024 Paris Olympics.

As one of the largest non-state-owned construction firms globally, VINCI’s scale and reach enable it to execute high-impact projects while maintaining a focus on innovation and sustainability. Its diverse portfolio and global operations reflect its commitment to enhancing infrastructure and providing cutting-edge solutions across various sectors.

Managing phishing simulations for 200,000+ users required scalability and efficiency in a decentralized organization. With various IT departments using different email systems, a robust platform was needed to run large-scale campaigns quickly and reliably. Delays or inconsistencies in email configurations could compromise training and data, making an efficient solution crucial for strong cybersecurity.

Integration and reporting were key to unifying diverse data into a global directory. Merging directories ensured accurate tracking of user responses, preventing security gaps. Strong integration enabled comprehensive reporting and insights to strengthen defenses against threats.

Integrating diverse data sources into a unified global directory was vital for accurate reporting and effective phishing simulations. The organization needed to merge multiple directories into a cohesive system to track user responses accurately and avoid gaps that could weaken cybersecurity. Robust integration capabilities were essential for mapping and accessing user data, enabling comprehensive reporting and deep insights to strengthen the organization's defenses against real-world threats.

When we switched to OutThink, these challenges were effectively addressed. OutThink offered a scalable solution that handled our decentralized structure and varying email configurations with ease. The platform provided clear configuration profiles for each of our Office 365 tenants and enabled smooth and efficient email delivery during phishing campaigns.

OutThink’s valuable integration capabilities allowed us to merge our diverse data sources into a unified system. This ensured that our phishing simulations were accurate and that the reporting was precise and comprehensive. The robust dashboards and reporting features offered by OutThink have significantly enhanced our ability to monitor and improve our cybersecurity practices.

Another key factor in choosing OutThink was their UK and France-based support services, which are better aligned with our operational needs. This proximity has greatly improved our efficiency in addressing any issues that arise. Additionally, OutThink’s user-friendly interface was a major advantage, as it reduced the need for extensive training among our 200 campaign administrators and made the solution easy to deploy and use.

The implementation process with OutThink started with a pilot phase at the group level during which we tested its integration with our various email systems. This phase allowed us to resolve any initial issues, ensuring a smooth rollout across all subsidiaries. Each subsidiary now autonomously manages its phishing campaigns using OutThink, while we maintain centralized oversight to ensure compliance with our cybersecurity policies.

Overall, OutThink has enabled us to maintain high security standards across the organization while allowing our subsidiaries the autonomy to conduct their campaigns. The platform’s comprehensive reporting features allow us to monitor compliance with our group-wide policy of performing at least two phishing simulations per year per user, ensuring consistent and effective cybersecurity practices across VINCI.