Training reduces the risk of socially engineered security breaches
New analysis by security awareness training company KnowBe4 shows, perhaps not surprisingly, that training helps reduce risky online behavior in the workplace.
Carried out over a 12-month period, the study shows that whilst almost 16 percent of employees were prone to click on phishing links initially, this was reduced to 1.28 percent on average after training.
"It is well known amongst IT managers that the weakest link in security is the end user and we sought out a way to effectively address this," says Stu Sjouwerman (pronounced "shower-man"), KnowBe4 founder and CEO. "Nearly 40 percent of these companies are financial entities who typically are more aware and have tighter restrictions and yet were able to see a huge improvement, showing the program works extremely well".
KnowBe4 has teamed up with security expert Kevin Mitnick to launch a security awareness training course. The web-based interactive training uses case-studies, live demonstration videos and short tests. The training specializes in making sure employees understand the mechanisms of spam, phishing, spear-phishing, malware and social engineering.
"The threat posed by malware should not be underestimated, particularly considering that employees have consistently proven to be the weak link in companies' Internet security efforts," says Mitnick. "In most cases, their involvement is unintentional -- they unknowingly allow access to corporate networks simply because they don’t know what to watch out for. That’s why our security awareness training is designed to ensure they understand the mechanisms of spam, phishing, spear-phishing, malware and social engineering, and are able to apply this knowledge on the job. This allows organizations to create a 'human firewall' that actively works to prevent network security breaches".
You can find out more about Kevin Mitnick Security Awareness Training 2014 and see a demonstration of it in action on the KnowBe4 website.