We wrote the book on Modern Human Risk Management
Read now
Sign in
Book demo
Sign in
Book a demo

Category: Case study

From annual training to real impact: Pennymac’s modern approach to security awareness

Posted on by Miranda Carter
The TL;DR

  • Pennymac moved beyond annual training to an ongoing, security behavior program
  • Fable delivers role-specific messaging based on real user risk, and delivers interventions
  • Short-form video dramatically outperforms traditional email training
  • Increased video engagement correlated with faster OS patching and reduced vulnerabilities
  • Pennymac was able to close the loop, measuring whether security behavior changed

As social engineering threats evolve, and grow more convincing with AI, traditional security awareness training is no longer enough. In this customer testimonial video, the Pennymac CISO Cyrus Tibbs explains why annual refresher courses and generic email training fall short, and how his team uses Fable to deliver timely, role-specific security messaging that keeps pace with a rapidly changing threat landscape.

Cyrus describes a fundamental shift in how attackers operate: instead of breaking systems, they target people. That reality pushed Pennymac to rethink security training as an ongoing, behavioral program that understands individual risk, delivers relevant guidance in the moment, and measures whether behavior actually changes. Rather than relying on one-size-fits-all emails, the team adopted an approach closer to social media marketing: short, direct, actionable messages designed to drive engagement and measurable outcomes.

Using Fable, Pennymac automatically segments employees into cohorts based on role and observed behavior. These include money handlers, privileged infrastructure users, developers, and public-facing roles, each with distinct risk profiles and training needs. By eliminating guesswork around who receives which training, the security team ensures messaging is targeted, timely, and relevant, all without the manual toil.

The impact has been both immediate and measurable. A/B testing revealed dramatic differences in engagement between traditional email instructions and Fable’s AI-generated briefing videos, with employees consistently responding better to video. In one case study focused on OS patching, Pennymac integrated Fable with its vulnerability management system and tracked outcomes from video delivery through patch completion, finding a clear correlation between video engagement and reduced vulnerabilities.

Today, Fable has become Pennymac’s default platform for driving organizational change, not just security training. Cyrus notes that Fable’s automation and targeting capabilities free up significant staff time, while employees consistently respond positively to the short-form video format. The result is a security awareness program that scales with the business, adapts to real risk, and earns employee attention.

Genesys security is preparing employees for attacks of tomorrow

Posted on by Miranda Carter
The TL;DR

  • The Genesis security replaced checkbox training with modern, short-form briefings that more closely resembles social media content
  • Engagement increased immediately, even after failed simulations
  • Employees reporting suspicious activity rose by double digits
  • Upon a request from incident response, the team delivered custom, threat-specific training in about a day using Fable

Traditional security awareness training often feels like a checkbox—something employees rush through and quickly forget. In this customer testimonial video, the Genesis security team shares how they set out to change that dynamic, using Fable to deliver crisp, short-form training that mirrors the content employees already engage with on platforms like TikTok and Instagram Reels.

Featuring insights from Marlene Galvan, Portfolio Coordinator and Security Awareness Lead, and Jonathan Chow, CISO, the video explores what happened after Genesis moved away from traditional, long-form training and adopted a more modern, human approach to security awareness.

The shift in employee response was immediate. Engagement increased, and for the first time, employees began offering positive feedback, even after failing a simulation. Instead of frustration or embarrassment, many appreciated the briefings for being short, relevant, and delivered in a positive, non-punitive tone.

That engagement quickly translated into measurable results. Genesis saw double-digit percentage point increases in employees reporting suspicious activity—one of the clearest indicators of an effective security awareness program. Not long after launch, the incident response team proactively requested a targeted phishing training video for a specific threat. Using Fable, Genesis delivered a custom video in about a day, tailored precisely to the behavior they needed to change.

The video also highlights how Fable’s AI-powered platform enables rapid, flexible content creation, including company-specific details, custom graphics, and topic-focused messaging that feels relevant rather than generic. By prioritizing short, targeted content, Genesis found that security awareness became easier to absorb, and far more likely to stick. As the team puts it, Fable helps make the “medicine go down easier.”

Finally, Marlene and Jonathan emphasize the partnership itself as a key factor in their success. Rather than a traditional vendor relationship, the Fable team operates as an extension of Genesis’s internal crew, collaborating, exchanging ideas, and working toward a shared mission. The result is a security awareness program that doesn’t just reduce risk, but actively strengthens security culture across the organization.

When a regional attack hit close to home, this team responded in hours, not weeks

Posted on by Curtis Casella

The TL;DR

  • Dayton Children’s needed to respond to an emerging social engineering attack
  • Fable helped its cybersecurity team deliver tailored, targeted training at scale
  • The team uses Fable’s automated insights to reduce workload
  • With Fable, they can remediate based on real risk

When you’re running cybersecurity in a busy hospital, you don’t have the luxury of long response times. This video features how Dayton Children’s cybersecurity team dealt with an emerging social engineering attack making the rounds in regional hospitals, and explains how the Fable platform helped them move quickly when they learned a nearby hospital had been hit—and been ransomed as a result. With the threat suddenly close to home, they needed to brief their entire workforce, quickly, accurately, and in a way people would actually pay attention to.

Instead of sending generic training, the Dayton Children’s team deployed tailored guidance specific to the attackers’ tactics, including a custom vishing-prevention video just for their help desk. The result was rapid, targeted communication delivered at scale—something they had not been able to do easily with their legacy platform.

Beyond incident response, the team shares how Fable now lightens their day-to-day workload by continuously analyzing risky user behavior and surfacing issues before they turn into problems. With a highly-competent staff, but one that’s never big enough for the growing demands, having automated, user-level risk insights helps the team stay ahead without losing precious time to manual review.

In the video, the team also highlights one of the biggest benefits of using Fable: the ability to prioritize remediation based on who was affected. A phish against a cafeteria worker is not the same as one against a nurse with an inbox full of protected health information. By giving them instant visibility into each employee’s data access and behavioral risk, Fable helps the team respond smarter and protect the organization more effectively. In their words: every company needs something like this—especially now.

Pennymac x Fable

Posted on by Danielle Kochavy