KnowBe4 research confirms effective security awareness training significantly reduces data breaches

Jan. 15, 2025
Organizations practicing regular and effective SAT see significant decreases in human risk factors and fewer real-world compromises.

KnowBe4 today released a new white paper that provides data-driven evidence on the effectiveness of security awareness training (SAT) in reducing data breaches.

Over 17,500 data breaches from the Privacy Rights Clearinghouse database were analyzed along with KnowBe4's extensive customer data to quantify the impact of SAT on organizational cybersecurity. This research provides an in-depth perspective on the effectiveness of security awareness training in preventing data breaches.

Key findings from the research include:

  1. Organizations with effective SAT programs are 8.3 times less likely to appear on public data breach lists annually compared to general statistics.
  2. 97.6% of KnowBe4's current U.S. customers have not suffered a public data breach since 2005.
  3. Customers who experienced breaches were 65% less likely to suffer subsequent breaches after becoming KnowBe4 customers.
  4. 73% of breaches involving current KnowBe4 customers occurred before they implemented the company's SAT program.

KnowBe4 advises organizations to implement SAT programs with at least quarterly training sessions and simulated phishing tests, noting that more frequent engagement can lead to even greater risk mitigation. The study addresses a critical question in cybersecurity: Does security awareness training measurably reduce an organization's risk of real-world cyberattacks? The analysis demonstrates that organizations practicing regular and effective SAT see significant decreases in human risk factors and fewer real-world compromises.

"If you add up all other causes for successful cyberattacks together, they do not come close to equaling the damage done by social engineering and phishing alone," said Roger Grimes, data-driven defense evangelist at KnowBe4. "The evidence is compelling and clear. Effective security awareness training, with regular simulated phishing exercises, educates employees and significantly reduces the human risk of cybersecurity threats."

This research provides valuable insights into the substantial role that security awareness training plays in preventing data breaches, particularly given that social engineering and phishing account for 70% to 90% of data breaches. KnowBe4 defines an effective SAT program as one that includes at least monthly training and simulated phishing campaigns. 

The full white paper, "Effective Security Awareness Training Really Does Reduce Breaches," is available for download.