KnowBe4 helps you keep your network secure with Kevin Mitnick security awareness training. You are able to send simulated phishing attacks before and after the training. Created ‘by admins for admins’, a minimum of time is needed with visible proof the security awareness training works. Find out what your email attack footprint looks like and ask for our free Email Exposure Check. Based on Kevin’s 30+ year unique first-hand hacking experience, you are now able to train employees with next-generation web-based training and testing, to quickly solve the increasingly urgent security problem of Social Engineering.

2. "Many of the most damaging security penetrations are,
and will continue to be, due to Social Engineering, not
electronic hacking or cracking . . . Social Engineering
is the single greatest security risk in the decade ahead."
91% of data breaches start with a “spear-phishing” email,
research from security software firm Trend Micro shows.

3. Explosive Malware Growth: Endpoint Security does not catch it all
 Organized, focused and financially motivated hackers
 100,000+ new malware variants released each day
 800 million phishing emails are sent each day with those levels continuing to rise.
 Zero-day exploits and drive-by downloads creating need for regular Internet Security Awareness Training

4. Percentage Of Malware Not Being Caught
February 2009 saw the introduction of RAP testing to Virus Bulletin's VB100 comparative reviews, measuring
products' reactive and proactive detection abilities against the most recent malware that has emerged
around the world. McAfee and Microsoft highlighted with Blue Stars. Above graph was published early 2013.
And that is just malware that AV companies know about. There is more Stuxnet and Flame-type malware out
there. Source: http://www.virusbtn.com/vb100/rap-index.xml

5. Why Organizations Need Internet Security Awareness Training
 ‘Defense in Depth’ security.
Organizations defend their
networks on each of these six
levels. End User Internet Security
Awareness Training resides in the
outer layer:
Policies, Procedures, and
Awareness.
 End User Security Awareness is an
important piece of the security
puzzle because many attack types
go after the end user (called social
engineering) to succeed.
 End User Security Awareness can
affect every aspect of an
organization’s security profile, as it
is where security starts! That is why
it is so important that organizations
give their end-users Internet
Security Awareness Training.
Policies, Procedures & Awareness
Perimeter
Internal Network
Host
Application
Data

6. KnowBe4 Internet Security Awareness Program
1. Establish initial Phish-prone percentage
2. Train (On-demand Security Awareness Training)
3. Test (Continued Phishing Security Tests)
4. Educate (Ongoing Security Hints and Tips Emails)
5. Reporting and Tracking Results (Your Management
Console)

7. 7 Reasons Companies are Outsourcing Online Training
1. Reduce Costs - How you manage training is always about how
you manage costs.
2. Access to Talent - Especially hard when it gets to Security
Awareness Training which is highly specialized.
3. Geographic Reach & Scalability – Being able to train all
employees worldwide via distance learning on the same security
processes and procedures, and flex resources.
4. Compliance - Many organizations these days are required to
comply with a multitude of regulations, just take the PCI
(Payment Card Industry) Security Program for example.
5. Mitigate Risks – Training helps to prevent failures and from the
liabilities of being sued for insufficient training, a clear and
present danger in the case of cyber heists.
6. Training is not Core to the Business - For many organizations,
training is a necessity, but the development, management and
delivery of training is a distraction.
7. Leverage the Cost of Technology – One of the first major
investments is a Learning Management System. Why incur these
costs when the outsourcing company has already paid for it?
KnowBe4 has a unique
competitive advantage
provided by its automated
Phishing Security Tests

8. Value Proposition: Risk and Opex
• Reduced malware infections
• Reduced data loss
• Reduced potential cyber-theft
• Users have security top of mind
• Reduced help desk calls
• Reduced cleaning and re-imaging
of machines
• Reduced down time, increased
user productivity
• Real ROI
RISK
OPEX

10. Web Demo on Request:
carolm@knowbe4.com

11. Questions and Answers