European cybersecurity company Nixu has started a co-operation with one of the largest security awareness training platforms in the world: KnowBe4 solution trains company employees continuously to identify phishing and social engineering.
Over third of all cyber-attacks involve internal actors, and over third included social engineering. Many breaches result from inadequate security hygiene and a lack of attention to detail. Social engineering is getting more and more sophisticated and, therefore effective. Organizations of all sizes should pay attention to human error and cybersecurity training.
“However, most companies do not train their employees on security matters enough,” says Anu Laitila, Cybersecurity Awareness Business Manager at Nixu. Together with her team, she creates security awareness activities and programs for companies and organizations from various industries. The awareness campaigns can include lectures, exercises, games, blogs, or any kind of engaging content. The trigger can be anything that will help people to remember security actions. “We’ve even created a concept of an escape room experience for employees,” Laitila says.
A comprehensive tool to boost learning
In its services, Nixu utilizes advanced tools to enhance awareness in a variety of ways, according to the needs of its client organizations. One of the largest integrated platforms for security awareness is KnowBe4 that contains the world’s broadest library of security awareness content, including automated training campaigns, simulated phishing attacks, and a wide range of content in different formats. The company has even created a tv-series called “The Inside Man” that covers various aspects of social engineering.
With the KnowBe4 platform, CISOs can easily build automated, ongoing awareness campaigns and follow-up on the ones who need an extra hand. The campaigns can also be targeted to a specific department, such as the HR or Finance team, and help to design a personal learning pathway for them. It is also possible to utilize groups by their learning levels. The reports that KnowBe4 provides support the development of cybersecurity programs and common company practices. Risk managers, IT managers, development managers, or other managers with strategic roles can see the current state of the personnel’s security maturity.
Stepping into a new era of security
Cybersecurity has long been considered only as a technical issue. With many unfortunate cybersecurity incidents, breaches and the ever-rising trend of social engineering, companies are starting to see the bigger picture and the human factor around it.
Companies should invest in the technical aspect – security operation centers, software and app security, identity and access management, to name a few – but the palette is not full until there is a good security awareness program running. And this goes for companies of all sizes. The change of culture in companies is happening, and forerunner organizations adopt new working habits fast.