New independent survey finds security awareness training helps 96% of organizations improve security culture and decreases security risk for 86% of organizations
KnowBe4, provider of the world’s largest security awareness training and simulated phishing platform, today announced the results of an independent survey, which found that an overwhelming majority of corporations – 96% – say security awareness training improved their corporate security culture. Further, an 86% majority of respondents say the training lowers the overall risk posed by cyber security scams.
These are the findings of the KnowBe4 2018 Security Awareness Training Deployment and Trends Survey, an independent web-based survey that polled 1,100 organizations worldwide in September 2018. The study queried organizations on the leading security threats and challenges facing their firms as cybersecurity attacks increase and intensify.
“Social engineering – such as phishing scams – now ranks as the number one cause of network hacks, and email is usually the chief culprit,” said Stu Sjouwerman, CEO, KnowBe4. “Security breaches disrupt productivity and put organizations, their data assets, intellectual property, employees and customers in danger. The survey data showed that security awareness training helps organizations recognize and repel hacks in a majority of instances.”
The study also polled organizations on the initiatives they’re taking to more proactively combat the growing diversified and targeted cyber threats. The study found that 88% of respondents currently deploy security awareness training tools. The businesses report that security awareness training is an effective mechanism that has an immediate impact on minimizing risk and positively changing employee culture.
Other top survey findings include:
• Social engineering was the top cause of attacks, cited by 77% of respondents, followed by malware (44%); user error (27%) and a combination of the above (19%) and password attacks (17%).
• Some 84% of respondents said their organizations could quantify the decrease in successful social engineering attacks (e.g., phishing scams, malware, zero day, etc.) after deploying security awareness training to their end users after just a few simulated exercises. This is based on 700 anecdotal responses obtained from the essay comments and first-person interviews.
• On average, respondents reported that social engineering cyber hacks like phishing scams and malware declined significantly from a success rate of 40% to 50% to zero to five percent after firms participated in several KnowBe4 security awareness training sessions.
• Almost three-quarters – 71% of survey participants – indicate their organizations proactively conduct simulated phishing attacks on a monthly, quarterly or weekly basis.
To read the full KnowBe4 2018 Security Awareness Training Deployment and Trends Survey, go to report.
KnowBe4, the provider of the world’s largest integrated security awareness training and simulated phishing platform, is used by more than 20,000 organizations worldwide. Founded by data and IT security expert Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new-school approach to security awareness training. Kevin Mitnick, internationally recognized computer security expert and KnowBe4’s Chief Hacking Officer, helped design KnowBe4’s training based on his well-documented social engineering tactics. Tens of thousands of organizations worldwide trust KnowBe4 to mobilize their employees as their last line of defense.
Number 96 on the 2018 Inc. 500 list, #70 on 2017 Deloitte’s Technology Fast 500 and #2 in Cybersecurity Ventures Cybersecurity 500. KnowBe4 is headquartered in Tampa Bay, Florida with European offices in England, the Netherlands, Germany and offices in South Africa and Singapore.