KnowBe4: A Platform that Enables Employees to Make Smarter Security Decisions

Stu Sjouwerman, CEO
Eliminating “threats” is beyond the bounds of possibility; hence, protection against threats without disrupting business innovation and growth is increasingly a critical management issue. Despite the fact that many organizations have reinforced their cybersecurity capabilities over the past few years, online attacks are still a prominent subject today. A single click by an employee of an organization may allow hackers in, cause a ransomware attack, an expensive data breach or, worse, a cyberheist. “Current security layers do not sufficiently address an organization’s weakest link—employees,” remarks Stu Sjouwerman, CEO, KnowBe4. In such a scenario, organizations are looking for a robust solution for cybersecurity. “We help you create a human firewall, an additional layer on top of the existing software layers to enable an organization to have an effective defense against the current massive wave of phishing, spear phishing and ransomware,” adds Stu. Recognizing the needs of enterprise IT security, KnowBe4, a FL-based company, delivers new-school security awareness training along with set-it-and-forget-it simulated phishing attacks through its integrated platform.

Employees being a weak link in IT security, attackers make a detour around technology to target them. “Our business is to train employees to make a smarter security decision by providing them simulated phishing exercises and interactive training modules,” explains Stu. KnowBe4’s training module provides training through a three-step process. The first step is the baseline test, where the organization gets one simulated phishing attack that will help them in assessing their phish prone percentage, to take remedial action. The second step includes online interactive and engaging training for employees, where they learn about the most common attack vectors of the internet.


As part of the third step, monthly simulated phishing attacks are sent to all employees to keep them on their toes with security top of mind.

KnowBe4 educates users and creates a human firewall by training them with help from renowned hacker Kevin Mitnick. “Employees will undergo comprehensive awareness training that arms them against hackers and social engineering tricks using live attacks and demonstration examples,” adds Stu. Additionally, KnowBe4 provides a phish alert button that the employer can place into Outlook, Gmail or Notes. In an instance where an employee spots something phishy, they can click on the phish alert button, which will in turn send the suspicious email to the incident response team to initiate further action. Additionally, in order to help customers comply with various regulations, KnowBe4’s Compliance Manager (KCM) simplifies the complexity of being compliant with, for instance, PCI DSS and HIPAA.

With cybercrime perpetrators innovating furiously, large cyber mafia gangs compete with each other for market share. Small and medium-sized enterprises are easy targets for these cybercriminals as they lack the sophistication and knowledge to prevent cyberattacks. KnowBe4 has strong results. Stu stated: “By inoculating employees against social engineering, we routinely bring down the phish prone percentage from 16 percent down to 1 percent.”

Considering cybersecurity as the need of the hour, KnowBe4 recently released training modules for ransomware and CEO fraud for hospitals and capital markets. For the future, the company is planning to design new modules that ensure the most recent threats are being quickly addressed and rolled out to all employees, arming them to mitigate network security threats.