Wortell Enterprise Security connects Arda and Phished to its services

A new generation of security awareness

Press CDC (Cyber Defense Center)

28-5-2026

This article is automatically translated using Azure Cognitive Services, if you find mistakes, please get in touch

Lijnden, 28/5/2026 Wortell Enterprise Security is entering into a strategic partnership with Arda and Phished in the field of security awareness. With this dual-vendor approach, Wortell connects two leading partners to its services, each with its own complementary strength. This gives customers access to exactly the solution, or combination of solutions, that suits their maturity, sector and risk profile.

The partnership responds to a market in which, according to the Verizon Data Breach Investigations Report 2025 , approximately 60% of all data breaches involve a human factor, ranging from phishing and social engineering to unintentional errors. For organizations that want to strengthen their digital resilience, behavioral change is therefore at least as important as technology.

What is a dual-vendor approach to security awareness?

A dual-vendor approach means that customers get access to two specialized suppliers within the same service through one partner. In the case of Wortell, this means that organizations can choose between Arda, Phished, or a combination of both. In this way, the solution is in line with the maturity, sector and risk profile of the organisation, instead of opting for one generic approach.

Why is a new approach to security awareness needed?

The field of security awareness is changing rapidly. Whereas for a long time awareness was mainly filled with classroom training and generic e-learning, there is now room for an approach in which behaviour, context and risk are central. Compliance alone is no longer enough; Organizations want to measure and manage the actual behavioral resilience of their employees.

"We believe that security awareness only makes a real impact when it goes beyond knowledge transfer and compliance. The goal is not for an employee to recognize a phishing email because they have seen it before, but to intrinsically understand what safe digital behavior is and what role they play in their organization's line of defense. This requires a personal, data-driven approach and partners who give substance to this based on their own expertise. We are proud that with Arda and Phished we can connect two partners who share this conviction."

— Dennis de Hoog, Business Manager Security at Wortell

Security Awareness

From risk to resilience

Discover how Wortell helps make employees more resilient against phishing, social engineering and other cyber threats.

What is the difference between Arda and Phished?

Arda: gamified security awareness from the Netherlands

Arda is a Dutch specialist in gamified security awareness. With serious gaming, interactive storylines and sector- and role-oriented content, Arda turns learning into an experience that touches and activates employees. Arda's strength lies in recognition and meaning: scenarios that connect to daily practice and that encourage people to change their behaviour. The automated platform completely unburdens the learning process, so that the management burden is minimal and adoption is maximized.

Phished: AI-driven security awareness from Europe

Phished is a European pioneer in AI-driven security awareness and behavioural change. The fully automated platform generates realistic simulations that adapt to the role, behavior and risk profile of each employee and continuously measures the behavioral resilience of the organization with the Behavioral Risk Score™. Phished's strength lies in scale, realism and data.

By connecting both partners, Wortell can offer customers a truly suitable solution. Customers can opt for one or the other or for a combined approach in which Arda's recognizable experience and Phished's AI-driven simulations reinforce each other.

Reactions from the partners

"Not a week goes by without a news item appearing that an organization has been hacked because employees have been manipulated. Against this background, security awareness is only effective if employees are continuously informed of current threats and if that knowledge is presented in a stimulating, attractive way. At Arda, we do this through cinematic storytelling based on recognizable Dutch situations. Only then do people recognize a threat and know how to act. In Wortell, we have found a partner that is active in the same markets and excels in cybersecurity services. Together, we perfectly fill in the triangle of People, Organization and Technology and Arda is a logical addition to Wortell's service portfolio. We are proud that together we can make the Netherlands more resilient."

— Wilbert Pijnenburg, Director of Business Development at Arda

Phished also underlines that effective security awareness goes beyond knowledge transfer alone. The goal is not for employees to simply know what the risks are, but for them to behave differently in practice when it matters.

"At the end of the day, only the positive change in behaviour counts"

— Dries Masselis, Partnership Manager at Phished

About Wortell Enterprise Security

Wortell Enterprise Security helps organizations realize a modern, integrated security strategy. By combining technology with adoption, governance and AI-first solutions, Wortell strengthens the digital resilience of organizations in the Netherlands and abroad. Wortell is located in Lijnden and was founded in 1997. Wortell has been recognized by Microsoft as Enterprise Security Partner of the Year Netherlands 2025, verified MXDR partner and member of the Microsoft Intelligent Security Association (MISA). From its own 24/7 Cyber Defense Center, Wortell manages more than one million assets for customers in healthcare, financial services, industry, retail, logistics and the public sector, among others.

About Arda

Arda is a Dutch specialist in gamified security awareness, founded in 2018 by Maarten van den Heuvel and Henri Koppen. With serious gaming and sector- and role-oriented content, Arda turns security awareness into a learning experience that touches, activates and makes employees resilient. The Arda platform works fully automatically and is used by partners in healthcare, education, government, industry and business services, among others.

About Phished

Phished is a European pioneer in AI-driven security awareness and behavioral change, founded in 2018 and based in Leuven, Belgium. The fully automated platform combines personalized phishing simulations, short training courses and real-time threat intelligence and continuously measures the behavioral resilience of organizations with the Behavioral Risk Score™. Phished serves more than 2,500 organizations in over 100 countries, from SMEs to large enterprises.

Frequently asked questions

Which organizations is this partnership intended for?

The dual-vendor approach from Wortell, Arda and Phished is designed for medium-sized and large organizations that want to elevate their security awareness from one-off training sessions to a continuous, data-driven program. The approach is suitable both for organizations that are just getting started with awareness and for organizations that already have a mature program and want to develop it further.

Can I also purchase Arda and Phished separately through Wortell?

How does this approach differ from traditional security awareness training?

Traditional awareness mainly focuses on knowledge transfer through classroom-based or e-learning training. Wortell’s approach with Arda and Phished focuses on behavioral change: employees learn through realistic scenarios tailored to their role, while behavioral resilience is continuously measured and adjusted.

How do you measure the effect of security awareness?

Phished uses the Behavioral Risk Score™, which quantifies behavioral resilience at both employee and organizational level. Arda adds insight into engagement and progress: organizations can see how many employees are following or have completed modules, which components are being used and how employees score in phishing campaigns. In addition, Wortell provides management-level reports that show how the program contributes to the broader security strategy and compliance requirements.

Does this approach align with NIS2 and other compliance requirements?

Yes. NIS2 and similar regulations set explicit requirements for security awareness and behavioral change. The approach from Wortell, Arda and Phished is designed to demonstrably support these requirements, including reporting and evidence for auditors and regulators.

What does a typical process look like?

A process starts with a baseline measurement of the organization’s current behavioral resilience. Based on this, Wortell works with the customer to put together a program in which Arda and/or Phished are deployed. The program is then continuously monitored and adjusted based on data and concrete learning objectives.

Our author

Gitte Thijssen

Gitte Thijssen is a Campaign Marketer at Wortell. In this role, she translates complex topics around cloud, security, and AI into clear campaigns and content that help organizations navigate their digital and AI-driven transformation.

Gitte works closely with specialists and customers to connect strategic propositions with relevant, meaningful stories. With a strong focus on audience, timing, and impact, she ensures that insights on AI, organizational design, and technology are not only shared, but truly resonate with decision-makers. Her focus is on creating campaigns that inform, inspire, and help organizations take well-considered steps toward a future-ready IT and AI strategy.

Contact me. See all articles of Gitte.