FL-KNOWBE4
4.6.2024 19:45:32 CEST | Business Wire | Press release
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today released its new 2024 Phishing by Industry Benchmarking Report to measure an organization’s Phish-prone™ Percentage (PPP), which indicates how many of their employees are likely to fall for phishing or social engineering scams.
This year’s report shows that according to baseline testing conducted across all industries, without security awareness training, 34.3% of employees are likely to click on malicious links or comply with fraudulent requests. This is an increase of over one percent in comparison to the 2023 report and highlights the importance of building a strong security culture within organizations to mitigate the human risk that exists when safeguarding against cyber threats.
KnowBe4 analyzed over 54 million simulated phishing tests across more than 11.9 million users from 55,675 organizations in 19 different industries. The resulting baseline PPP measures the percentage of employees in organizations that had not conducted any KnowBe4 security training, who clicked a simulated phishing email link or opened an infected attachment during testing.
The report highlights a key fact: when simulated phishing security testing is integrated with security awareness training, it works. Organizations that commit to regular security awareness training and testing after the initial baseline test saw an average PPP drop to just 18.9% within 90 days. After 12 months of continuous training and testing, the PPP plummeted even further to 4.6%. These results show that to transform cybersecurity culture, existing habits first need to be broken to make way for more secure ones. As employees start to embrace new behaviors, they become habits, over time evolving into standard practices that shape organizational culture and, in turn, creating a workforce that instinctively makes security a priority in their day-to-day work.
Industries particularly vulnerable to cyber threats, scoring the highest PPP, and in dire need of security awareness training are also discussed in the report. The healthcare and pharmaceutical industry remains in the high-risk category with the highest PPP across small- and large-sized organizations scoring 34.7% and 51.4%, respectively. Across medium-sized organizations, the hospitality industry took top billing for the second time in three years with a score of 39.7%.
This report reinforces the crucial role the human element plays in cybersecurity. Although technology is important for preventing and recovering from cyberattacks, human error is still a big contributing factor to data breaches. In fact, according to Verizon's 2024 Data Breach Investigations report, 68% of data breaches were due to accidental actions, the use of stolen credentials, social engineering and malicious privilege misuse. Even though this is an improvement from last year’s 74%, organizations must continue to focus on strengthening the human firewall to safeguard against cyber threats.
An emerging threat vector highlighted in this year’s report is the rapid adoption of AI in certain industries which presents additional risks if not implemented with strong cybersecurity measures.
"The data does not lie; regular and focused security training reshapes how employees interact with potential threats. Our goals are to educate and change behaviors, for employees to instinctively put security first," says Stu Sjouwerman, CEO of KnowBe4. "Furthermore, we are seeing more sophisticated cyber threats emerge because of AI and the need for training is imperative.”
This year’s report also examines international phishing benchmarks from North America, South America, Europe, United Kingdom & Ireland, Africa, Asia, Australia and New Zealand.
To download a copy of the 2024 KnowBe4 Phishing by Industry Benchmarking Report, click here.
About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 65,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. The late Kevin Mitnick, who was an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Organizations rely on KnowBe4 to mobilize their end users as their last line of defense and trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240604089157/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Verdict Expected Soon in Klarna’s $8.3 Billion Antitrust Lawsuit Against Google24.2.2026 19:09:00 CET | Press release
PriceRunner v. Google: Sweden’s Largest-Ever Civil Damages Claim Reaches Decision Stage; Klarna Provides Investor Update Klarna Group plc (NYSE: KLAR) announces that the Patent and Market Court of Sweden (Patent- och marknadsdomstolen) is expected to deliver its verdict on April 15, 2026 in the antitrust damages proceedings brought by Klarna’s subsidiary PriceRunner International AB against Google LLC and Google Ireland Limited. The trial, which ran from October 20 to December 19, 2025, concerned PriceRunner’s claim for approximately $8.3 billion in damages — the largest civil damages claim ever filed in a Swedish court. The Case The claim arises from Google’s abuse of dominance in online comparison shopping, as established by the European Commission in a binding 2017 decision and upheld without reservation by the Court of Justice of the European Union in September 2024. PriceRunner alleges that Google systematically demoted competing price comparison services in its search results whi
INRIX Announces New Generation of AI Traffic Products: Helping to Improve Safety, Reduce Congestion, and Enhance Mobility Operations24.2.2026 16:49:00 CET | Press release
New generative AI capabilities, enhanced incident detection, and expanded customer deployments mark a major evolution of the INRIX Traffic product family INRIX, a global leader in transportation data and analytics, today announced a major expansion of its Trafficfamily of products, delivering innovativeAI-driven capabilities to help transportation agencies and logistics organizations move from reactive traffic management to proactive, safety-focused and efficient operations. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260224267928/en/ INRIX introduces expanded automation, generative AI capabilities, enhanced incident detection, and continuous analytics. Over twenty years ago, INRIX commercialized the first system to use GPS data to create real-time traffic information. In 2019, INRIX launched AI Traffic – the world's first traffic platform to leverage deep learning models and AI to improve the quality and analysis globall
Check Point and ControlPlane Partner to Help Enterprises Securely Scale AI and Accelerate Agentic Innovation24.2.2026 15:30:00 CET | Press release
ControlPlane, a specialist AI Security and DevSecOps consultancy, and Check Point Software Technologies Ltd., a pioneer and global leader in cyber security solutions, today announced a strategic collaboration to help enterprises securely adopt Large Language Models (LLMs) and agentic AI systems at scale. The partnership delivers a comprehensive, regulator-ready security framework designed to reduce risk, protect sensitive data, and enable organizations to move confidently from AI experimentation to production deployment. By combining Check Point’s AI-native threat prevention platform with ControlPlane’s deep expertise in cloud native architectures and DevSecOps, enterprises can operationalize AI securely without slowing innovation. As organizations advance AI initiatives beyond pilots, they face a growing “AI readiness gap.” Emerging threats such as prompt injection, unauthorized access, data leakage, and model misuse introduce risks that traditional security controls were not built to
Clinilabs Establishes EU Headquarters in Basel, Strengthening European Clinical Operations Under New Regional Leadership24.2.2026 15:00:00 CET | Press release
Clinilabs, a leading specialty contract research organization (CRO) focused on central nervous system (CNS) drug and device development, today announced the expansion of its European operations, including the establishment of its European Union headquarters at Switzerland Innovation Park Basel Area, and the appointment of Dr. Anne-Marie Nagy as executive vice president and head of Clinilabs Europe. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260224669284/en/ Dr. Anne-Marie Nagy appointed as Executive Vice President and Head of Clinilabs Europe Switzerland Innovation Park Basel Area is part of Switzerland’s national innovation network and located within the Basel region’s globally recognized life sciences cluster, bringing together biopharma companies, research institutions, and clinical innovation leaders. “Europe is a critical pillar of Clinilabs’ long-term growth strategy,” said Gary K. Zammit, Ph.D., president and chie
Yubico Unveils “YubiNation Partners”: A New Era of Global Channel Partnership to Secure Digital Identities in the Age of AI24.2.2026 15:00:00 CET | Press release
Yubico (NASDAQ STOCKHOLM: YUBICO), a modern cybersecurity company and creator of the most secure passkeys, today announced the launch of YubiNation Partners, a new global Channel program designed to unite a community of security experts. In the face of growing AI-driven cyber threats, the program enables partners to become trusted advisors and cultivate a safer digital world for their customers, making identities private and secure. As the average cost of a corporate security breach climbs to $4.4 million*, with phishing remaining a primary attack vector, the industry can no longer rely on passwords alone. In fact, a 2026 Total Economic Impact study from Forrester Consulting commissioned by Yubico, found that by replacing traditional multi-factor authentication (MFA) and one-time passwords (OTP) with YubiKeys, customers achieved a 265% return on investment (ROI). This effectively eliminated phishing and credential-theft risks, reducing an organization’s risk exposure to breach costs fr
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom