With the emergence of dangerous new strains of ransomware and social engineering threats, businesses are taking note and seeking to promote security awareness training to build a stronger security culture at their organizations.
KnowBe4, which hosts an integrated Security Awareness Training and Simulated Phishing platform, has seen a recent spike in activity, including an increase in their customer base and stable customer retention for their fourth quarter.
In 2014-2015, the company saw “an annual growth of over 350 percent and consecutive growth for a record 10 straight quarters with an impressive 950 percent growth rate since 2011.” KnowBe4 believes the impetus behind the explosive growth of security awareness training is a rise in ransomware and social engineering threats.
Last summer, Homeland Security Today reported that KnowBe4 launched their training platform on the understanding that employees are often the weak link in network security. Organizations are finally starting to get the picture. Conversations that were once limited to the lunchroom are now a priority in the boardroom.
According to the Lloyd’s of London, cybercrime costs to businesses have grown to account for an estimated $400 billion a year, excluding account hacks and unreported breaches. In turn, KnowBe4 notes that rapidly rising scams, such as the Business Email Compromise and new ransomware strains, have raised awareness of the importance of addressing social engineering threats.
In response, the company offers a robust platform of tools that enable IT pros to recognize social engineering red flags and send simulated phishing emails to users who can be given immediate remedial training.
Additionally, users can also use the built-in Phish Alert Button to send any suspicious email to IT. This gives IT an added ‘human firewall’ layer of defense and contributes to a strong security culture.
“People are used to having a technology solution [but] social engineering bypasses all technologies, including firewalls. Technology is critical, but we have to look at people and processes. Social engineering is a form of hacking that uses influence tactics,” noted Kevin Mitnick, KnowBe4’s Chief Hacking Officer.
IT professionals are being called to lead the effort to address problems and determine proper solutions. KnowBe4 CEO Stu Sjouwerman explained, “IT managers are grateful, as they are being recognized as helpful coworkers rather than the network police. It fosters cooperation and an overall improvement in security.”
Organizations are finding that by tapping into external subject matter experts, they are saving time and money. Investing in training is worth it to avoid the hefty costs and devastating impact on an organization’s brand and reputation that come with a major security breach.
“Risk managers know it is far cheaper to train users than pay the fines and heavy costs associated with a data breach,estimated by Juniper Networks to account for $2.1 trillion dollars by 2019,” noted Sjouwerman.