In today's ever-evolving landscape of cyberthreats, organizations are increasingly recognizing the imperative of leveraging all available resources to fortify their defenses against potential attacks. Amid the myriad of security measures, one key resource often overlooked is the educated and trained end user.
Individuals have an untapped potential to act as the ultimate line of defense against cyberthreats, says Dario Tedesco, International Channel Manager, KnowBe4.
“No organization is immune to cyberattacks,” says Tedesco. But by acknowledging the pivotal role of human behavior in cybersecurity, companies can empower their employees through comprehensive education and targeted training, transforming them into an integral and proactive component of the organization's security infrastructure.
Human error remains a prevalent factor in security breaches, highlighting the critical need for organizations to address the human element in their cybersecurity strategies. As Tedesco explains, regardless of the number of filters a company incorporates into its security measures, there is always the risk of human error. Mitigating this risk at the human layer can yield significant benefits in enhancing cybersecurity. “It is important to pay attention to an often-overlooked component: the human firewall, the human layer or the eighth layer,” says Tedesco.
Researchers from Stanford University and a top cybersecurity organization found that approximately 88% of all data breaches are caused by an employee mistake. This emphasizes the significance of establishing a strong human firewall within organizations. A human firewall consists of educated and aware individuals who can recognize and mitigate potential threats, effectively serving as an additional layer of defense.
To achieve this goal, KnowBe4, a leading advocate in cybersecurity, implements a comprehensive program designed to train the human layer and transform it into a human firewall. By utilizing intelligent and automated campaigns across various languages and platforms, KnowBe4 directly targets specific sectors within organizations that are susceptible to cyberattacks, such as phishing. These campaigns are carefully tailored to address the identified risks and mitigate the likelihood of falling victim to such attacks.
Tedesco explains that KnowBe4's services enable the identification of groups of individuals who are more susceptible to cyberattacks. By providing continuous targeted training to these sectors, KnowBe4 ensures that individuals who are prone to falling victim to such attacks, referred to as "clickers," gain a better understanding of the risks involved and are equipped to comply with security measures.
A study conducted by KnowBe4, which analyzed data from its extensive client base of over 10,000 organizations and gathered information from more than 10 million users, found that these campaigns resulted in a significant reduction in the percentage of individuals prone to phishing attacks. Initially, the percentage stood at 32.4%, but after implementing these efforts, it decreased to 17.6%. Remarkably, after 12 months of sustained implementation, this number further dropped to an impressive 5%.
By investing in comprehensive training programs and fostering a culture of cybersecurity awareness, organizations can harness the potential of their workforce to create a human firewall that acts as a robust frontline defense against cyberthreats. Empowering employees with the knowledge and tools to make informed security decisions not only mitigates the risk of human error, but also strengthens the overall security posture of the organization.