CIO Influence
CIO Influence News Security

KnowBe4 Analysis Finds Security Awareness Training and Phishing Effective in Reducing Cybersecurity Risk

KnowBe4 Analysis Finds Security Awareness Training and Phishing Effective in Reducing Cybersecurity Risk

New KnowBe4 “Data Confirms Value of Security Awareness Training and Simulated Phishing” white paper now available

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform,  announced it has released a new analysis of the effectiveness of security awareness training and simulated phishing on reducing cybersecurity risk, based on data from over 60,000 individual KnowBe4 customer organizations worldwide.

“Data Confirms Value of Security Awareness Training and Simulated Phishing”

The new KnowBe4 white paper, “Data Confirms Value of Security Awareness Training and Simulated Phishing”, is based on the largest analysis of its kind, with over 32 million individual end users, who took over 493 million Phishing Security Tests (PSTs) and participated in awareness training at least once a year.

CIO INFLUENCE News: SentinelOne Bolsters Threat Intelligence Capabilities with Singularity Threat Intelligence

Highlights from the study include:

  • Groups that did frequent PSTs performed better in detecting simulated phishing campaigns than groups that did not.
  • The more frequently that groups did PSTs, the better the users performed on simulated phishing tests. The more PSTs, the better.
  • Groups that did weekly PSTs were 2.74 times more effective in reducing risk than groups that only did less than quarterly PSTs.
  • The longer a group trained, the better they did on simulated phishing tests.
  • Groups that did both training and simulated phishing tests did the best.

“Based on the massive amount of data that we analyzed from around the world, everyone should be conducting frequent simulated phishing tests as part of their security awareness training program to get the highest level of impact and most effective cybersecurity risk reduction,” said Roger Grimes, data-driven defense evangelist, KnowBe4. “Phishing and social engineering account for 70-90% of all malicious data breaches, so focusing on ways to mitigate it are critical to your organization’s overarching cyber defense strategy. We are thrilled to finally have the concrete data to confirm the true value of security awareness training and simulated phishing.”

CIO INFLUENCE News: Cisco Unveils Webex AI Strategy at WebexOne

KnowBe4 customers attest to the important role the platform plays in cyber defense and risk mitigation, along with the overall effectiveness of incorporating security awareness training and simulated phishing into an organization’s cybersecurity strategy:

“Security awareness training and continuous assessment has helped our organization improve our employees’ ability to recognize and avoid interacting with suspicious content in their day-to-day roles. Threats are ever evolving and defensive mechanisms will inevitably fail. When they do, it’s important to have people engaged and connected to trends and suspicious patterns to act as a last line of defense. KnowBe4 has helped us minimize the effort required from our security team to deliver relevant and beneficial information to our employees,” said D.S., sr. manager, IT Security Operations.

“Our security awareness program is a vital component of our defense-in-depth strategy. There is no combination of technical controls we can ever put in place to mitigate all the risks we face. AiTM and other advanced attacks are only going to increase. Our employees are our most valued assets and the front line of defense for our organization. Partnering with KnowBe4 to build and consistently improve a comprehensive awareness program helps us proactively address new and emerging threats,” said A.B., IT security manager.

Related posts

Forge Strengthens Private Market Data Team and Capabilities with Two Key Hires

Business Wire

Dataiku Launches In AWS Marketplace

CIO Influence News Desk

Cinchy Study Details How Dataware Eliminates Data Integration and Revolutionizes Application Development and Analytics

CIO Influence News Desk