KnowBe4 is the worlds largest security awareness training and - - PowerPoint PPT Presentation

▶

Jan 08, 2023 805 likes •983 views

KnowBe4 is the worlds largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering. About Us Over 28,000 The worlds largest integrated Security Awareness

SLIDE 1

KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the

ngoing problem of social engineering.

SLIDE 2

Over

About Us

28,000

Customers

 The world’s largest integrated Security Awareness Training and Simulated Phishing platform  Based in Tampa Bay, Florida, founded in 2010  CEO & employees are ex-antivirus, IT Security pros  We help tens of thousands of organizations manage the

ngoing problem of social engineering

 We provide an affordable, easy-to-use GRC tool that helps

rganizations cut down audit time and manage your

compliance and risk projects faster than ever

SLIDE 3

The Costs of Breaches and Ransomware Attacks

$133K

 34% of businesses hit with malware take a week or more to regain access to their data  The average cost of a ransomware attack on businesses is $133,000

 75% of companies infected with ransomware are running up-to-date endpoint protection

4 Source: Sophos 2018 and Kaspersky 2018

SLIDE 4

BEC Attacks Are Growing

CEO Fraud and BEC Caused

 Business Email Compromise (BEC) increased 136% in identified global exposed losses between Dec. 2016 and May 2018

$12.5B

In Identified Global Losses

 These attacks often contain no links, no attachments and no spelling or grammar errors.

5 Source: Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) 2018

SLIDE 5

Users Are the Last Line of Defense

A staggering

 91% of successful data breaches start with a spear phishing attack

f successful data breaches start with a

spear phishing attack

 30% of data breaches are caused by repeat offenders from within the organization

 Ransomware damage costs predicted to reach $20 billion by 2021

SLIDE 6

Why Do People Click On Phishing Links So Quickly?

Recent studies show that over

54.9%

f users click on a

phishing link in under 60 minutes

SLIDE 7

How Can We Protect Our Organization?

The answer is defense-in-depth, and pay specific attention to the

uter layer which is the weakest

link in IT security: the human

SLIDE 8

How Can We Protect Our Organization?

 Users are unaware of the internet dangers and get tricked by social engineering to click on a malicious link in a (spear)phishing email or opening an email attachment they did not ask for.  Employees have a false sense of security and believe their anti-virus has them covered. With the firehose of spam and malicious email that attack your network, 10-15% make it past your filters.  Surprisingly often, backups turn out not to work or it takes days to restore a system.  Today, an essential, additional security layer is to have your employees become part of your last line of defense.

SLIDE 9 Unlimi ted Use

Platform for Awareness Training and Testing

Custom Phishing

1 Train Your Users

Detailed Reporting

2 Phish Your Users

Ransom Guarantee

3 See the Results

Simulated Attachments New Smart Groups 4

SLIDE 10

Comprehensive Programs Work

 Most security awareness programs are still too superficial and done for compliance reasons.  What is missing is the correct estimation of the adversary being faced and the degree of commitment an organization has to have to stave off attacks.

SLIDE 11

Develop a Fully Mature Awareness Program

 Awareness Training on its own, typically once a year, is far from enough.  Simulated phishing tests of groups of employees doesn’t work on its own either.  But together, done frequently, and reinforcing each other, they can be combined to greatly increase effectiveness.

SLIDE 12

Baseline Phishing Test

 Measure the results. “You can’t manage what you don’t measure”  It is vital to establish a baseline

n phishing click-through rates. This

is easily accomplished by sending out a simulated phishing email to a random sample of personnel.  You find out the number that are tricked into clicking. This is your baseline “Phish-prone percentage” that you use as the catalyst to kickoff your training campaign.

SLIDE 13

Train Everyone

 In order to create a security culture and change the behavior of your employees, you have to train everyone, from the board room to the lunchroom, and include the training in the onboarding

f every new employee.

 This should be on-demand, interactive, engaging and create a thorough understanding of how cybercriminals operate.  Employees need to understand the mechanisms of:  Spam  Phishing  Spear phishing  Malware  Ransomware  Social engineering And be able to apply this in their day-to-day job.

SLIDE 14

Continue to Test Employees Regularly

 Even when testing confirms that phishing susceptibility has fallen to nominal levels, continue to test employees frequently to keep them on their toes, with security top of mind.  The bad guys are always changing the rules, adjusting their tactics and upgrading their technologies.  Analyze your phishing data. Continue to train and phish your users with more advanced tactics such as attachments and landing pages where they are asked to enter data.  Over time, increase the difficulty of the attacks, KnowBe4 has 3,000+ templates rated by difficulty from 1 to 5.

SLIDE 15

KnowBe4 Security Awareness Training Works

Effectively managing this problem requires

ngoing due diligence, but it can be done and it

isn’t difficult. We’re here to help.

January 2019 21

SLIDE 16

Questions?

Tel: 855-KNOWBE4 (566-9234) |www.KnowBe4.com |Partners@KnowBe4.com