Microsoft Confirms Market-Need for KnowBe4 & Other Leading Vendors: Sending Simulated Phishing Attacks to Your Employees Is a Must

New-school security awareness training market legitimized

KnowBe4, the world’s largest provider of security awareness training and simulated phishing, is pleased to note that Microsoft has finally acknowledged that organizations need to send simulated phishing attacks to their employees with the announcement of a new feature called Attack Simulator. Part of Microsoft’s Office 365 Threat Intelligence offering, Attack Simulator allows email administrators to send phishing attacks to determine how employees respond.*

“At KnowBe4, we consider the addition of Attack Simulator to Microsoft’s Office 365 Threat Intelligence offering a win for our industry. In adding this feature, Microsoft has done what it always does: observe the market for innovative companies that create new markets, and then include a ‘checkbox’ feature with limited functionality so that their marketing can say: ‘Yes, we do that’.” said Stu Sjouwerman, Founder and CEO of KnowBe4. “As a leader in Gartner’s Magic Quadrant for Security Awareness Computer-Based Training, our mission to enable customers’ employees to make smarter security decisions has now been confirmed as a ‘must.’”

Perry Carpenter, KnowBe4’s Chief Evangelist & Strategy Officer stated, “By adding Attack Simulator, Microsoft has acknowledged that simulated phishing and the need to know your users’ susceptibility to social engineering attacks is non-negotiable and a must-have in today’s enterprise and SMB environments.” Carpenter continued, “It will be interesting to see if the Company allows third parties to create phishing template libraries, landing pages, and to see how the current functionality compares to that of the market leaders. 

Scott Bekker, Redmond Magazine’s Executive Editor remarked, “The simulator is one of a handful of key, near-term security enhancements in the Office 365 roadmap. The attack simulator has the potential to be a very useful proactive defense tool for IT administrators. According to the roadmap, the attack simulator & enables admins to send simulated attacks (10-15 different attack categories including phish, brute force password cracking, etc.) to their end users to determine how they respond to attacks and determine if the right policies are in place to help mitigate real attacks.”**

Sjouwerman added: “KnowBe4 has provided a free Phishing Security Test (PST) for 6 years now, which does a very similar thing to the new Microsoft offering. Attack Simulator shows the phish-prone percentage of an organization’s employees, so that a real program can be put in place to manage the ongoing urgent problem of social engineering attacks. Sending users an occasional phishing email provides just a baseline understanding and is only the start of a functional security awareness training program.”

According to a report from Gartner,*** three key elements form a successful security educations program: communication and education on security tactics, knowledge of your users and pervasive communication. An attack simulator is a good place to start. Coupled with a personalized training program with regular updated and fresh content, users can strengthen an organization’s last line of defense.

About KnowBe4:

KnowBe4, the provider of the world’s most popular integrated new-school security awareness training and simulated phishing platform, is used by more than 15,000 organizations worldwide. Founded by data and IT security expert Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new-school approach to security awareness training. Kevin Mitnick, internationally recognized computer security expert and KnowBe4’s Chief Hacking Officer, helped design KnowBe4’s training based on his well-documented social engineering tactics.

Thousands of organizations trust KnowBe4 to mobilize their end-users as the last line of corporate IT defense. Number 231 on the 2017 Inc. 500 list, #50 on 2016 Deloitte’s Technology Fast 500 and #6 in Cybersecurity Ventures Cybersecurity 500. KnowBe4 is headquartered in Tampa Bay, Florida with European offices in England and The Netherlands. For more information, visit and follow Stu on Twitter at @StuAllard.

* 365-roadmap?filters=%26freeformsearch=phish#abc

** enhancements-coming-to-office- 365.aspx

***September 15, 2017 by Joanna Huisman, Three Critical Factors in Building a Comprehensive Security Awareness Program

Topics: Phishing, Security Awareness Training, KnowBe4

Get the latest about social engineering

Subscribe to CyberheistNews