KnowBe4’s Security Training Empowers your Employees in Defending your Company Against Ransomware Attacks

September 13, 2018 / mcacao

If companies had turned a blind eye to ransomware, in denial of the possibility that they too could be the victim of an attack, all that went up in smoke when the virus WannaCry decimated computer systems around the world in May of 2017. Hundreds of thousands of computers were held for ransom, the machines inoperable and the tons of data within them rendered unusable by the hackers’ encryption code. No emails could come in or go out. Documents, especially those that were vital for sales and operations, could no longer be accessed. The WannaCry hackers were asking a minimum of $300 in bitcoin ransom from each company to release the encryption code that could free the computers and restore the data.

The Miami Herald estimates that about 200,000 to 300,000 computers in 150 countries around the world were infected. Not many of them paid up and as a result lost their data. In his interview with the paper, KnowBe4 Chief Executive Stu Sjouwerman said that the projected damage in downtime caused by WannaCry reached $1 billion. During those four days in May that held these companies captive, they could not do business, attend to their customers, hold game-changing partnership meetings, or deliver on their services. Loss of income was just the tip of the iceberg; customer satisfaction and confidence in these affected companies also declined. The companies that did not pay up would take months to recover, just tracking down and putting together their lost data and then translating it into a recognizable form that their staff could use to reach out to their customers and other shareholders.

In another interview with Marketplace, Sjouwerman said that business heads find it a “no-brainer” to pay up because failing to do so will cost them months of work. The organizations also risk shutting down completely. Sometimes even backup systems fail, forfeiting any chance of recovery.

That’s why, especially in hacking cases, an ounce of prevention is better than a pound of cure. KnowBe4 offers security awareness and training to corporate employees, making them the first line of defense against hacking, phishing, ransomware, and other forms of viruses. Sometimes, all it takes is one employee’s innocent click of a key for the virus to enter the system and start infecting the servers and the files. However, if that employee had been informed or trained ahead of time to spot a virus and neutralize it, then he or she would be able to stop the attack in its tracks and ultimately spare the company a ton of grief. In the process, the employee would also have spared himself or herself and colleagues the risk of exposure to another dreaded malaise called unemployment, which can happen should ransomware shut the company down.

KnowBe4’s security and training platform is being used by 9,000 corporations worldwide. This Florida-based company founded by Sjouwerman is also number 139 on Inc.com’s 2016 list of the 5000 fastest-growing companies. It also made the #50 slot on Deloitte’s Technology Fast 500 that same year.

In a TV interview, Sjouwerman, who himself is a security analyst, emphasizes, “IT security starts with people. You have to start with employees: train them and then send them mock phishing attacks.”

KnowBe4’s security awareness training program features four major components:

  • Baseline testing: This probes the company’s employees’ susceptibility to a phishing or virus attack. The performance result will reflect the organization’s strength and resilience (or lack of it) in withstanding the next cyber-attack.
  • User testing: This web-based training uses a ton of interactive modules, games, videos, newsletters, and automated training to prepare the employees for the next attack and heighten their security awareness.
  • Constant phishing testing: Hundreds of phishing templates will continue to test the defenses that are being mounted by the organization, revealing weaknesses, flaws, and links that have to be remedied. At the end of each test, each user or employee will have grown in his or her knowledge of ransomware and other attacks, and will be able to spot red flags and respond to them effectively.
  • User rating: Results will be reported with the necessary graphs and data to show how the organization as a whole and each employee fared in the test, and how they will hold up in the event of a real cyber-attack.

What makes KnowBe4’s programs unique and effective is that behind their design is Chief Hacking Officer Kevin Mitnick. Mitnick used to be the world’s most famous and wanted hacker. However, since 2000, he has used his 30 years of experience in the hacking business to help corporations deal with the threat by training their employees. As a security consultant, he has performed penetration tests for Fortune 500 companies and taught social engineering classes to private corporations and government agencies.

As TechRepublic puts it, Mitnick started KnowBe4 with Sjouwerman, understanding full well that it takes an excellent hacker to catch others. And with these two manning their cyber-defenses and teaching security to their employees, companies can fortify themselves more powerfully against ransomware and other insidious viruses.
