Security Firm KnowBe4 Says Most Security Breaches Can Be Stopped With Awareness Training

By Steve Anderson January 23, 2014

For most people, the idea of security breaches coming into a system starts with malevolent, highly-skilled hackers breaking through security measures with a typing speed that borders on the mechanically impossible. But a new report from security training firm KnowBe4 says that, for the most part, hackers can be stopped at the gates by just being aware of and working against a few dangerous behaviors in the workplace.

KnowBe4, who deals mainly in security awareness training at last report, put together an analysis of 372 separate companies that shows just what kind of impact the right kind of training can have on employees when it's put to use. The study in question ran for 12 months, and focused on 291,000 end points, beginning with a baseline figure of 15.9 percent of employees that were what was called “phish-prone,” or likely to engage in risky behaviors like clicking on phishing links in e-mail and the like.

The effects of applying KnowBe4's training, meanwhile, were substantial to say the least. With the aforementioned baseline of 15.9 percent established, the use of training methods dropped the average down to 1.28 percent. That's certainly good news in an era in which phishing techniques and similar social engineering traps are becoming not only more widely used, but also of a higher overall quality and thus more likely to prove effective at getting the access the phishers want. Plus, KnowBe4 doesn't just train and leave; there are also frequent refresher courses used in the form of customizable emails that can be sent to users to make sure the methods taught are sticking with the recipients of the emails, and if said methods aren't taking hold, remedial training can be provided on the spot.

Supplementing KnowBe4's training is the Kevin Mitnick Security Awareness Training 2014 tool, a system that offers several different templates as well as an array of customization options to help users get better acquainted with important points of online safety. The system offers up several interactive case studies, demonstration videos, and brief tests to help ensure that the lessons are taking hold accordingly. Companies can even request a free phishing security test in order to determine how many employees in the business might be susceptible to the phishing attack.

Phishing attacks are particularly insidious as such attacks often look perfectly legitimate, which makes spotting a phishing attack particularly difficult even for experienced users. Having a way to protect against these attacks can go a long way in terms of preventing many common breaches, so a training program designed to help users spot at least some phishing attacks will reduce the likelihood that a phishing attack actually succeeds. There's no way to prevent all attacks—even the most hardened systems have some measure of weakness involved—but working to prevent as many of these attacks as possible will have some terrific bottom-line ramifications as IT staff can be working on other problems instead of trying to fix those caused by a phishing attack.

KnowBe4's system should prove very useful for businesses wanting a way to better protect a system. It won't be a silver bullet solution, but even one attack prevented is one less attack that has to be cleaned up after and otherwise dealt with. It's a great part of a better overall security system, and should be treated accordingly.

Edited by Cassandra Tucker

Contributing TechZone360 Writer

Related Articles

Four Reasons to Reach for the Cloud after World Earth Day

By: Special Guest    4/23/2018

The World Earth Day agenda offers a chance to flip the rationale for cloud adoption and highlight environmental benefits that the technology brings pr…

Read More

Bloomberg BETA: Models Are Key to Machine Intelligence

By: Paula Bernier    4/19/2018

James Cham, partner at seed fund Bloomberg BETA, was at Cisco Collaboration Summit today talking about the importance of models to the future of machi…

Read More

Get Smart About Influencer Attribution in a Blockchain World

By: Maurice Nagle    4/16/2018

The retail value chain is in for a blockchain-enabled overhaul, with smarter relationships, delivering enhanced transparency across an environment of …

Read More

Facebook Flip-Flopping on GDPR

By: Maurice Nagle    4/12/2018

With GDPR on the horizon, Zuckerberg in Congress testifying and Facebook users questioning loyalty, change is coming. What that change will look like,…

Read More

The Next Phase of Flash Storage and the Mid-Sized Business

By: Joanna Fanuko    4/11/2018

Organizations amass profuse amounts of data these days, ranging from website traffic metrics to online customer surveys. Collectively, AI, IoT and eve…

Read More