Be prepared with KnowBe4 Security Awareness Training
Updated August 11, 2021

Be prepared with KnowBe4 Security Awareness Training

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with KnowBe4 Security Awareness Training

KnowBe4 Security Awareness Training is used across our whole organization. We have over 1,000 employees as well as 10,000+ freelance software testers online, and the solution has helped us improve information security awareness and posture. More specifically, we have significantly reduced our exposure to malicious code through various online attack vectors, with email being the primary culprit.
  • Continuous reinforcement and training
  • One-click campaigns
  • Detailed dashboard and reporting options
  • Simple and intuitive interface
  • Extension of supported platforms into online collaboration suites (e.g., Teams) and professional networking services (e.g., LinkedIn)
  • More niche advice such as what to do when your LinkedIn profile has been cloned
  • Advice on integrating security training performance with individual employee performance appraisal
  • Reduced IT security training budget by 54%
  • Provided key metrics on IT security to improve our compliance efforts
  • Made IT security fun and engaging to all employees throughout the company
SANS was too heavy handed and too intensive for the average user in the company. PhishProtection dealt with the narrow domain of phishing attacks only. We chose KnowBe4 for its ease of use and accessibility, not only for the IT security team but based on overall level of engagement from all of our user base. It also covers much more than just phishing attacks and provided better protection of all IT security domains.
It has raised the profile and awareness of IT security throughout the company. Certain employees developed their own gamification based on regular touch points and interactions from our implementation of KnowBe4 Security Awareness Training. There is an informal competition to see who can score the highest and drinks at the pub are on offer!
We use standard best-practice administration principles. Users are assigned to groups with roles that have certain pre-defined permissions. Changes in permissions will be carried out on defined roles and pushed down to groups and individual users. Access control should never list individual users, only groups. Permissions may change over time through roles.
Metrics that help us with our compliance stance, such as GDPR in the UK and Europe and SOX in the U.S. KnowBe4's Compliance Audit Readiness Assessment (CARA) has been invaluable and together with constantly updated metrics from KnowBe4 Security Awareness Training underpins our efforts to demonstrate compliance with various requirements such as GDPR, SOX, and so on.
For medium to large companies where the majority of your employees are working distributed online in a collaborative manner, KnowBe4 Security Awareness Training is essential to mitigate employee mistakes clicking on that interesting or enticing link, which may have devastating consequences. We use Microsoft 365 and on a daily basis are getting multiple impersonation and phising attacks; it seems Microsoft is unable to do anything about this, so KnowBe4 has stepped up to fill the gap.

KnowBe4 Security Awareness Training New Features

We use SSO with Google Workspace (formerly G Suite or Google Apps) and the SSO integrations has allowed us to automate most new user provisioning tasks, as well as plan, manage, track and report on cloud accounts security training and compliance. Many other larger enterprises with numerous SSO systems in place will find this feature invaluable as well.
Advanced algorithm driven personalised training (I wouldn't go so far as to label it as AI yet) has enabled us to automate many of the planning, design, implementation and reporting of ongoing cloud security training initiatives. Using flexible templates the algorithms have been able to customise training delivery on the fly, based on training requirements and the unique personal preferences of the user base collected from online behaviour, usage times and application profiles.
We have trialled a couple of other solutions similar to KnowBe4, mostly partners of Microsoft 365 but have found them wanting in terms of features, functionality, ease of use, flexibility and agility for new and emerging information security threats and user training mitigation strategies. For now and we can't see this changing in the next few years, KnowBe4 stands clearly head and shoulders above its peers in this space.
There is a separate pilot project looking at this but this has not been widely implemented to all our user base yet. Depending on the progress of the pilot, we may be rolling it out end of this year around Q4 2021 time frame. The concept is great and we love it, but we are wary how the user base would respond as we are knowingly testing them with real world phishing content - albeit with malware payloads removed. There is a building consensus in our use base that we should be protecting them from active threats and not "trick" them into clicking on malware links.