FL-KNOWBE4
4.6.2024 19:45:32 CEST | Business Wire | Press release
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today released its new 2024 Phishing by Industry Benchmarking Report to measure an organization’s Phish-prone™ Percentage (PPP), which indicates how many of their employees are likely to fall for phishing or social engineering scams.
This year’s report shows that according to baseline testing conducted across all industries, without security awareness training, 34.3% of employees are likely to click on malicious links or comply with fraudulent requests. This is an increase of over one percent in comparison to the 2023 report and highlights the importance of building a strong security culture within organizations to mitigate the human risk that exists when safeguarding against cyber threats.
KnowBe4 analyzed over 54 million simulated phishing tests across more than 11.9 million users from 55,675 organizations in 19 different industries. The resulting baseline PPP measures the percentage of employees in organizations that had not conducted any KnowBe4 security training, who clicked a simulated phishing email link or opened an infected attachment during testing.
The report highlights a key fact: when simulated phishing security testing is integrated with security awareness training, it works. Organizations that commit to regular security awareness training and testing after the initial baseline test saw an average PPP drop to just 18.9% within 90 days. After 12 months of continuous training and testing, the PPP plummeted even further to 4.6%. These results show that to transform cybersecurity culture, existing habits first need to be broken to make way for more secure ones. As employees start to embrace new behaviors, they become habits, over time evolving into standard practices that shape organizational culture and, in turn, creating a workforce that instinctively makes security a priority in their day-to-day work.
Industries particularly vulnerable to cyber threats, scoring the highest PPP, and in dire need of security awareness training are also discussed in the report. The healthcare and pharmaceutical industry remains in the high-risk category with the highest PPP across small- and large-sized organizations scoring 34.7% and 51.4%, respectively. Across medium-sized organizations, the hospitality industry took top billing for the second time in three years with a score of 39.7%.
This report reinforces the crucial role the human element plays in cybersecurity. Although technology is important for preventing and recovering from cyberattacks, human error is still a big contributing factor to data breaches. In fact, according to Verizon's 2024 Data Breach Investigations report, 68% of data breaches were due to accidental actions, the use of stolen credentials, social engineering and malicious privilege misuse. Even though this is an improvement from last year’s 74%, organizations must continue to focus on strengthening the human firewall to safeguard against cyber threats.
An emerging threat vector highlighted in this year’s report is the rapid adoption of AI in certain industries which presents additional risks if not implemented with strong cybersecurity measures.
"The data does not lie; regular and focused security training reshapes how employees interact with potential threats. Our goals are to educate and change behaviors, for employees to instinctively put security first," says Stu Sjouwerman, CEO of KnowBe4. "Furthermore, we are seeing more sophisticated cyber threats emerge because of AI and the need for training is imperative.”
This year’s report also examines international phishing benchmarks from North America, South America, Europe, United Kingdom & Ireland, Africa, Asia, Australia and New Zealand.
To download a copy of the 2024 KnowBe4 Phishing by Industry Benchmarking Report, click here.
About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 65,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. The late Kevin Mitnick, who was an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Organizations rely on KnowBe4 to mobilize their end users as their last line of defense and trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240604089157/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Darktrace Selects Navan to Modernise Travel Program25.2.2026 10:00:00 CET | Press release
Navan (NASDAQ: NAVN), the global AI-powered business travel and expense platform, today announced it has been selected by Darktrace, a global leader in AI for cybersecurity, to upgrade its global travel program. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260225522665/en/ Darktrace Selects Navan to Modernise Travel Program “As Darktrace accelerates its expansion, in-person collaboration is critical,” said David Smith, Chief People Officer at Darktrace. “Navan’s inventory and user experience will ensure our teams and customers can easily connect, while we can maintain financial control.” As the UK-based cybersecurity company grows, Darktrace sought a partner to consolidate its travel operations, minimize administrative burden, and improve the booking experience for its workforce. Previously hampered by fragmented processes, Darktrace required a solution that would increase platform adoption and empower its employees to tra
AI: The New Insider Threat Facing Organizations25.2.2026 09:00:00 CET | Press release
Thales 2026 Data Threat Report Finds 70% of Organizations Rank AI as Top Data Security Risk As AI systems gain broader access to enterprise data across environments, organizations must treat data visibility and encryption as core security elements. AI-enabled deepfakes and misinformation are increasing the effectiveness of identity-based attacks. Today, credential theft is the leading attack technique against cloud infrastructure (67%). Nearly 60% of companies report deepfake-driven incidents, and 48% experience damage from AI-generated misinformation Investment in AI security is growing, with 30% of companies allocating dedicated budgets; however, 53% are still relying on existing security budget According to the Thales 2026 Data Threat Report, organizations across various markets including automotive, energy, finance and retail say the rapid pace of AI-driven transformation is now their biggest security challenge. Based on the report’s research, conducted by S&P Global 451 Research,
Zuper and Vonage Reimagine Network Connectivity for Skilled Trades with Quality on Demand25.2.2026 09:00:00 CET | Press release
Zuper to receive early access to Vonage Quality on Demand network API, for high-stakes field workflows - ensuring reliable network performance for live video, wearables, and inspections across industries like HVAC, electrical, general construction, roofing, manufacturing, and more Zuper, the AI operating system for the trades, and Vonage, part of Ericsson, have entered into a Memorandum of Understanding (MoU) to enter into a collaboration to integrate Vonage’s network APIs into the Zuper platform. The collaboration will provide Zuper with early access to Vonage network powered solutions, starting with Quality on Demand (QoD), where mobile network performance can be selectively applied to support critical field workflows, delivering improved latency, reliability, and connected experiences for mobile workforces. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260225852261/en/ QoD is the first advanced network API being integrat
Industrial Decarbonization: Calderion, WenCo and Terravent Invest in Graforce to Scale Plasma Pyrolysis Globally25.2.2026 08:07:00 CET | Press release
The investor consortium comprising the Paris-based Next Generation Fuels Industrial & Technological fund Calderion (Audacia), alongside infrastructure developer Terravent and WenCo Family Office, announces the closing of a strategic double-digit million-euro financing round for Berlin-based Graforce GmbH. The investment is dedicated to the industrial scale-up of Graforce’s proprietary plasma pyrolysis technology, addressing the growing global demand for cost-efficient low-carbon hydrogen, syngas, and carbon removal solutions that are compatible with existing industrial infrastructures. Disruptive alternative to conventional processes Graforce’s technology aims at replacing CO₂-intensive legacy routes such as steam reforming and classical gasification. By applying plasma to methane, biogas, flare gas, and landfill gas, the process converts these streams into their valuable molecular components instead of emitting them. The result is a high-efficiency production of clean hydrogen and syn
Mevion Medical Systems Announces CE Marking of the MEVION S250-FIT™ Proton Therapy System, Expanding Global Access to Compact Proton Therapy25.2.2026 08:00:00 CET | Press release
CE Marking enables marketing and clinical use of the world’s first and only LINAC vault-ready proton therapy system across the European Union Mevion Medical Systems, the global leader in compact proton therapy, today announced that the MEVION S250-FIT Proton Therapy System has successfully completed the conformity assessment process and has received CE Marking under Regulation (EU) 2017/745 (EU MDR). This regulatory milestone enables the marketing, sale, and clinical use of the MEVION S250-FIT system throughout the European Union, building on the system’s existing U.S. FDA 510(k) clearance granted in September 2025. The MEVION S250-FIT is the first and only proton therapy system designed to fit into a standard radiation therapy vault. By enabling cancer centers to use their existing infrastructure, the MEVION S250-FIT dramatically reduces the cost, complexity, and timeline traditionally associated with proton therapy adoption. This opens a new pathway for hospitals and cancer centers a
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom