Security Firm KnowBe4 Says Most Security Breaches Can Be Stopped With Awareness Training

By

For most people, the idea of security breaches coming into a system starts with malevolent, highly-skilled hackers breaking through security measures with a typing speed that borders on the mechanically impossible. But a new report from security training firm KnowBe4 says that, for the most part, hackers can be stopped at the gates by just being aware of and working against a few dangerous behaviors in the workplace.

KnowBe4, who deals mainly in security awareness training at last report, put together an analysis of 372 separate companies that shows just what kind of impact the right kind of training can have on employees when it's put to use. The study in question ran for 12 months, and focused on 291,000 end points, beginning with a baseline figure of 15.9 percent of employees that were what was called “phish-prone,” or likely to engage in risky behaviors like clicking on phishing links in e-mail and the like.

The effects of applying KnowBe4's training, meanwhile, were substantial to say the least. With the aforementioned baseline of 15.9 percent established, the use of training methods dropped the average down to 1.28 percent. That's certainly good news in an era in which phishing techniques and similar social engineering traps are becoming not only more widely used, but also of a higher overall quality and thus more likely to prove effective at getting the access the phishers want. Plus, KnowBe4 doesn't just train and leave; there are also frequent refresher courses used in the form of customizable emails that can be sent to users to make sure the methods taught are sticking with the recipients of the emails, and if said methods aren't taking hold, remedial training can be provided on the spot.

Supplementing KnowBe4's training is the Kevin Mitnick Security Awareness Training 2014 tool, a system that offers several different templates as well as an array of customization options to help users get better acquainted with important points of online safety. The system offers up several interactive case studies, demonstration videos, and brief tests to help ensure that the lessons are taking hold accordingly. Companies can even request a free phishing security test in order to determine how many employees in the business might be susceptible to the phishing attack.

Phishing attacks are particularly insidious as such attacks often look perfectly legitimate, which makes spotting a phishing attack particularly difficult even for experienced users. Having a way to protect against these attacks can go a long way in terms of preventing many common breaches, so a training program designed to help users spot at least some phishing attacks will reduce the likelihood that a phishing attack actually succeeds. There's no way to prevent all attacks—even the most hardened systems have some measure of weakness involved—but working to prevent as many of these attacks as possible will have some terrific bottom-line ramifications as IT staff can be working on other problems instead of trying to fix those caused by a phishing attack.

KnowBe4's system should prove very useful for businesses wanting a way to better protect a system. It won't be a silver bullet solution, but even one attack prevented is one less attack that has to be cleaned up after and otherwise dealt with. It's a great part of a better overall security system, and should be treated accordingly.




Edited by Cassandra Tucker
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Contributing TechZone360 Writer

SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More