KnowBe4 Research Confirms Effective Security Awareness Training Significantly Reduces Data Breaches

New KnowBe4 white paper "Effective Security Awareness Training Really Does Reduce Breaches" finds 65% decrease in breach likelihood for organizations with robust security training programs

TAMPA BAY, Fla., Jan. 14, 2025 /PRNewswire/ -- KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today released a new white paper that provides data-driven evidence on the effectiveness of security awareness training (SAT) in reducing data breaches.

Over 17,500 data breaches from the Privacy Rights Clearinghouse database were analyzed along with KnowBe4's extensive customer data to quantify the impact of SAT on organizational cybersecurity. This research provides an in-depth perspective on the effectiveness of security awareness training in preventing data breaches.

Key findings from the research include:

1. Organizations with effective SAT programs are 8.3 times less likely to appear on public data breach lists annually compared to general statistics.
2. 97.6% of KnowBe4's current U.S. customers have not suffered a public data breach since 2005.
3. Customers who experienced breaches were 65% less likely to suffer subsequent breaches after becoming KnowBe4 customers.
4. 73% of breaches involving current KnowBe4 customers occurred before they implemented the company's SAT program.

KnowBe4 advises organizations to implement SAT programs with at least quarterly training sessions and simulated phishing tests, noting that more frequent engagement can lead to even greater risk mitigation. The study addresses a critical question in cybersecurity: Does security awareness training measurably reduce an organization's risk of real-world cyberattacks? The analysis demonstrates that organizations practicing regular and effective SAT see significant decreases in human risk factors and fewer real-world compromises.

"If you add up all other causes for successful cyberattacks together, they do not come close to equaling the damage done by social engineering and phishing alone," said Roger Grimes, data-driven defense evangelist at KnowBe4. "The evidence is compelling and clear. Effective security awareness training, with regular simulated phishing exercises, educates employees and significantly reduces the human risk of cybersecurity threats."

This research provides valuable insights into the substantial role that security awareness training plays in preventing data breaches, particularly given that social engineering and phishing account for 70% to 90% of data breaches. KnowBe4 defines an effective SAT program as one that includes at least monthly training and simulated phishing campaigns. 

The full white paper, "Effective Security Awareness Training Really Does Reduce Breaches," is available for download here.

About KnowBe4

KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organizations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven 'best-of-suite' platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilizes personalized and relevant cybersecurity protection content, tools and techniques to mobilize workforces to transform from the largest attack surface to an organization's biggest asset.

Media Contact:
Kathy Wattman
SVP of Public Relations
[email protected]
727-474-9950

SOURCE KnowBe4 Inc.