security awareness training from knowbe4

11

Upload: carol-montgomery-adams

Post on 05-Dec-2014

486 views

Category:

Technology


3 download

DESCRIPTION

KnowBe4 helps you keep your network secure with Kevin Mitnick security awareness training. You are able to send simulated phishing attacks before and after the training. Created ‘by admins for admins’, a minimum of time is needed with visible proof the security awareness training works. Find out what your email attack footprint looks like and ask for our free Email Exposure Check. Based on Kevin’s 30+ year unique first-hand hacking experience, you are now able to train employees with next-generation web-based training and testing, to quickly solve the increasingly urgent security problem of Social Engineering.

TRANSCRIPT

Page 1: Security Awareness Training from KnowBe4

1

Page 2: Security Awareness Training from KnowBe4

"Many of the most damaging security penetrations are, and will continue to be, due to Social Engineering, not electronic hacking or cracking . . . Social Engineering is the single greatest security risk in the decade ahead."

91% of data breaches start with a “spear-phishing” email, research from security software firm Trend Micro shows.

Page 3: Security Awareness Training from KnowBe4

Explosive Malware Growth: Endpoint Security does not catch it all

Organized, focused and financially motivated hackers

100,000+ new malware variants released each day

800 million phishing emails are sent each day with those levels continuing to rise.

Zero-day exploits and drive-by downloads creating need for regular Internet Security Awareness Training

Page 4: Security Awareness Training from KnowBe4

Percentage Of Malware Not Being Caught

February 2009 saw the introduction of RAP testing to Virus Bulletin's VB100 comparative reviews, measuring products' reactive and proactive detection abilities against the most recent malware that has emerged around the world. McAfee and Microsoft highlighted with Blue Stars. Above graph was published early 2013. And that is just malware that AV companies know about. There is more Stuxnet and Flame-type malware out there. Source: http://www.virusbtn.com/vb100/rap-index.xml

Page 5: Security Awareness Training from KnowBe4

Why Organizations Need Internet Security Awareness Training

‘Defense in Depth’ security. Organizations defend their networks on each of these six levels. End User Internet Security Awareness Training resides in the outer layer: Policies, Procedures, and Awareness.

End User Security Awareness is an important piece of the security puzzle because many attack types go after the end user (called social engineering) to succeed.

End User Security Awareness can affect every aspect of an organization’s security profile, as it is where security starts! That is why it is so important that organizations give their end-users Internet Security Awareness Training.

Policies, Procedures & Awareness

Perimeter

Internal Network

Host

Application

Data

Page 6: Security Awareness Training from KnowBe4

KnowBe4 Internet Security Awareness Program

1. Establish initial Phish-prone percentage 2. Train (On-demand Security Awareness Training)3. Test (Continued Phishing Security Tests)4. Educate (Ongoing Security Hints and Tips Emails)5. Reporting and Tracking Results (Your Management

Console)

Page 7: Security Awareness Training from KnowBe4

7 Reasons Companies are Outsourcing Online Training

1. Reduce Costs - How you manage training is always about how you manage costs.

2. Access to Talent - Especially hard when it gets to Security Awareness Training which is highly specialized.

3. Geographic Reach & Scalability – Being able to train all employees worldwide via distance learning on the same security processes and procedures, and flex resources.

4. Compliance - Many organizations these days are required to comply with a multitude of regulations, just take the PCI (Payment Card Industry) Security Program for example.

5. Mitigate Risks – Training helps to prevent failures and from the liabilities of being sued for insufficient training, a clear and present danger in the case of cyber heists.

6. Training is not Core to the Business - For many organizations, training is a necessity, but the development, management and delivery of training is a distraction.

7. Leverage the Cost of Technology – One of the first major investments is a Learning Management System. Why incur these costs when the outsourcing company has already paid for it?

KnowBe4 has a unique competitive advantage provided by its automated Phishing Security Tests

Page 8: Security Awareness Training from KnowBe4

Value Proposition: Risk and Opex

• Reduced malware infections• Reduced data loss• Reduced potential cyber-theft• Users have security top of mind

• Reduced help desk calls• Reduced cleaning and re-imaging

of machines• Reduced down time, increased

user productivity• Real ROI

RISK

OPEX

Page 9: Security Awareness Training from KnowBe4
Page 10: Security Awareness Training from KnowBe4

10

Web Demo on Request: [email protected]

Page 11: Security Awareness Training from KnowBe4

Questions and Answers