this post was submitted on 14 Jan 2025
9 points (100.0% liked)

Pulse of Truth

1684 readers
80 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
 

KnowBe4, cybersecurity platform that comprehensively addresses human risk management, today released a new white paper that provides data-driven evidence on the effectiveness of security awareness training (SAT) in reducing data breaches. Over 17,500 data breaches from the Privacy Rights Clearinghouse database were analysed along with KnowBe4’s extensive customer data to quantify the impact of SAT […] The post KnowBe4 Research Confirms Effective Security Awareness Training Significantly Reduces Data Breaches appeared first on IT Security Guru.

you are viewing a single comment's thread
view the rest of the comments
[–] baconman1945@lemmy.world 3 points 9 months ago (1 children)

Some of our users are not technical at all. The initial training was reported as beneficial by all of those users. The ones that wanted to enjoy the games spent an hour or two on it, and the ones that didn’t cruised through the entry module in less than a half hour. The intermittent test emails are nice to keep those users’ spidey senses alert, and one of them actually clicked a link in a test email and got Rick rolled on knowbe4’s website.

I can definitely see how it’d be annoying because your team is comprised of experts.

[–] ExtremeDullard@lemmy.sdf.org 1 points 9 months ago (1 children)

I can definitely see how it’d be annoying because your team is comprised of experts.

Yeah but... Define expert.

My grandchildren know more than what those KnowBe4 slides teach. The cleaning ladies who come twice a week are probably more astute when they receive phishing emails. The only people I can think of who might benefit are employees who are very close to retirement, who don't normally work with computers and who are very uncomfortable with technology, and that raises the question: if they made it so far without computers, why would you teach them about computers now?

I'm not against online training. I can see the potential. But the training sessions we've had to suffer through for the past 3 years wouldn't be out of place in a mental institution for children. They are seriously, seriously dumb.

I have to believe there are levels of expertise that KnowBe4 can provide, because all their material can't be that dumb, and that somehow we've only been exposed to the bottom of the barrel. But then I totally fail to see why our management would have chosen those courses over something more useful for us specifically.

[–] wizardbeard@lemmy.dbzer0.com 3 points 9 months ago* (last edited 9 months ago)

I have experience in an internal IT helpdesk position. All I can say is that you are greatly overestimating the computer competency of the average person.

Your workplace also sounds like an exception in terms of competency.

Also, maybe you should ask the powers that be if they have to assign so damn many. I work in the finance/banking industry. We only have to do an average of two per quarter where I work. Enough that it's somehow possible to be 10 or more behind sounds absolutely soul destroying.