This data shows us that implementing security awareness training with simulated phishing testing will help to better protect organizations against cyber attacks. -Stu Sjouwerman, CEO, KnowBe4
TAMPA, Fla. (PRWEB) July 08, 2021
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced it has released a new Phishing by Industry Benchmarking Report to measure an organization’s Phish-Prone percentage (PPP), which indicates how many of their employees are likely to fall for a phishing or social engineering scam.
The initial baseline phishing test was administered to organizations that had not conducted any KnowBe4 security awareness training. The results indicated a high level of risk, with an average initial baseline PPP of 31.4% across all industries and sizes. Every organization regardless of size and vertical is susceptible to phishing and social engineering without computer-based training.
“In critical industries like Energy & Utilities and Healthcare & Pharmaceuticals where lives can be severely impacted, we found particularly high levels of cybersecurity risk as a result of simulated phishing test failures,” said Stu Sjouwerman, CEO, KnowBe4. “This is deeply concerning. Organizations should monitor their risks due to the majority of data breaches originating from social engineering. This data shows us that implementing security awareness training with simulated phishing testing will help to better protect organizations against cyber attacks.”
After 90 days of computer-based training and simulated phishing testing, the average PPP was reduced by approximately 50 percent, dropping from 31.4% to 16.4%. And after one year of monthly simulated phishing tests and regular training, the PPP further declines to just 4.8%. Across all industries, there’s an average 84% improvement rate from baseline testing to 12 months of training and testing.
To download a copy of the KnowBe4 Phishing by Industry Benchmarking Report, visit
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 39,000 organizations around the globe. Founded by IT and data security specialist, Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud, and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.