SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers

KnowBe4 study reveals critical role of security awareness

Yesterday

KnowBe4 has released a white paper indicating that effective security awareness training (SAT) significantly reduces the likelihood of data breaches for organisations.

The research analysed over 17,500 data breaches from the Privacy Rights Clearinghouse database in conjunction with KnowBe4's own customer data, aiming to quantify the impact of security awareness training on cybersecurity.

The findings revealed that organisations with robust SAT programs are 8.3 times less likely to be listed in public data breach records in a given year than the general statistics indicate. Furthermore, 97.6% of KnowBe4's current US customers have not reported a public data breach since 2005. For those customers who did experience breaches before becoming KnowBe4 clients, the likelihood of subsequent breaches decreased by 65% once they implemented KnowBe4's SAT program.

Additionally, the research highlighted that 73% of data breaches involving KnowBe4 customers occurred before those customers adopted the company's SAT program.

KnowBe4 recommends that organisations incorporate SAT programs with at least quarterly training sessions and simulated phishing tests. The company notes that more frequent engagement with training can result in greater reductions in risk.

The study addresses a pressing question in the field of cybersecurity: whether security awareness training measurably reduces the risk of real-world cyberattacks. The analysis shows that regular and effective security awareness training results in notable decreases in human risk factors and fewer real-world compromises.

Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, remarked, "If you add up all other causes for successful cyberattacks together, they do not come close to equaling the damage done by social engineering and phishing alone. The evidence is compelling and clear. Effective security awareness training, with regular simulated phishing exercises, educates employees and significantly reduces the human risk of cybersecurity threats."

The importance of security awareness training is underscored by the recognition that social engineering and phishing contribute to between 70% and 90% of data breaches. KnowBe4 defines a successful SAT program as one that includes at least monthly training and simulated phishing campaigns.
