KnowBe4, an employee security awareness training company, was recently dubbed with “unicorn status”, amid their latest $300M financing round at a valuation of $1B.

KnowBe4 released their annual “The 2019 Security Threats and Trends Survey” where 600 organizations worldwide were surveyed in mid-2019 on the major security issues they will face in the next 12 to 18 months. The breakdown of participating organizations by size were:

  • 44% SMB organizations (fewer than 200 employees)
  • 26% midsize organizations (201 to 500 employees)
  • 30% enterprises (500+ employees)

Main takeaways from the survey were:

  1. Unanimous Decision: Top security threats result from human error

The biggest and most persistent security threat comes from “within”—users who regularly click on bad links, placing organizations at higher risk of falling victim to email phishing, ransomware, and various forms of malware.

A near unanimous 96% of organizations say that email phishing scams pose the biggest security risk, followed by 76% who identify end user carelessness and 70% of respondents who cite social engineering as the biggest security threats facing their firms over the next 12 months.

2. Executives Are Being Targeted

Active content in emails (malicious attachment or link) are the most prevalent and dreaded amongst organizations due to their high success rate. Cybercriminals are relying on increasingly sophisticated attacks that target individuals with wide access in an organization.

55% of business cite Business Email Compromise (BEC) and CEO fraud as two increasing popular threat methods. These personalized attacks use social engineering to target high up executives are (ie. CEO and CFO) and hit these users with malicious emails that integrate name and personal information.

3. Budget Constraints Remain Challenge in Upgrading Security

30% of businesses described their security budget as bundled within the general IT budget. 55% of firms spend less than $50K annually on cybersecurity (~ $20/month/user), which leaves many organizations with inadequate cybersecurity defense. As a result, many organizations, primarily small businesses are left vulnerable and unable to afford more than one layer of security.

KnowBe4’s business is built on security awareness training modules that assist employees in being able to better recognize phishing attempts. These computer software simulators emulate the different kinds of emails, websites and techniques that are commonly used as deceptive tools. By training employees, these products strive to improve the human element in cybersecurity. However, human error is not completely eliminated.

With CyberQuay’s next-gen CDR, businesses can completely eliminate human error by removing potentially malicious content so that humans only interact with 100% clean files. Integrating next-gen CDR technology is a simple 2 step process that can be done by any employee. Businesses of all sizes can eliminate human error at an affordable cost.

Learn more here.