FL-KNOWBE4
4.6.2024 19:45:32 CEST | Business Wire | Press release
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today released its new 2024 Phishing by Industry Benchmarking Report to measure an organization’s Phish-prone™ Percentage (PPP), which indicates how many of their employees are likely to fall for phishing or social engineering scams.
This year’s report shows that according to baseline testing conducted across all industries, without security awareness training, 34.3% of employees are likely to click on malicious links or comply with fraudulent requests. This is an increase of over one percent in comparison to the 2023 report and highlights the importance of building a strong security culture within organizations to mitigate the human risk that exists when safeguarding against cyber threats.
KnowBe4 analyzed over 54 million simulated phishing tests across more than 11.9 million users from 55,675 organizations in 19 different industries. The resulting baseline PPP measures the percentage of employees in organizations that had not conducted any KnowBe4 security training, who clicked a simulated phishing email link or opened an infected attachment during testing.
The report highlights a key fact: when simulated phishing security testing is integrated with security awareness training, it works. Organizations that commit to regular security awareness training and testing after the initial baseline test saw an average PPP drop to just 18.9% within 90 days. After 12 months of continuous training and testing, the PPP plummeted even further to 4.6%. These results show that to transform cybersecurity culture, existing habits first need to be broken to make way for more secure ones. As employees start to embrace new behaviors, they become habits, over time evolving into standard practices that shape organizational culture and, in turn, creating a workforce that instinctively makes security a priority in their day-to-day work.
Industries particularly vulnerable to cyber threats, scoring the highest PPP, and in dire need of security awareness training are also discussed in the report. The healthcare and pharmaceutical industry remains in the high-risk category with the highest PPP across small- and large-sized organizations scoring 34.7% and 51.4%, respectively. Across medium-sized organizations, the hospitality industry took top billing for the second time in three years with a score of 39.7%.
This report reinforces the crucial role the human element plays in cybersecurity. Although technology is important for preventing and recovering from cyberattacks, human error is still a big contributing factor to data breaches. In fact, according to Verizon's 2024 Data Breach Investigations report, 68% of data breaches were due to accidental actions, the use of stolen credentials, social engineering and malicious privilege misuse. Even though this is an improvement from last year’s 74%, organizations must continue to focus on strengthening the human firewall to safeguard against cyber threats.
An emerging threat vector highlighted in this year’s report is the rapid adoption of AI in certain industries which presents additional risks if not implemented with strong cybersecurity measures.
"The data does not lie; regular and focused security training reshapes how employees interact with potential threats. Our goals are to educate and change behaviors, for employees to instinctively put security first," says Stu Sjouwerman, CEO of KnowBe4. "Furthermore, we are seeing more sophisticated cyber threats emerge because of AI and the need for training is imperative.”
This year’s report also examines international phishing benchmarks from North America, South America, Europe, United Kingdom & Ireland, Africa, Asia, Australia and New Zealand.
To download a copy of the 2024 KnowBe4 Phishing by Industry Benchmarking Report, click here.
About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 65,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. The late Kevin Mitnick, who was an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Organizations rely on KnowBe4 to mobilize their end users as their last line of defense and trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240604089157/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Enhertu® Approved in the EU as First Tumor Agnostic HER2 Directed Therapy and Antibody Drug Conjugate for Patients with Previously Treated HER2 Positive Metastatic Solid Tumors29.6.2026 08:30:00 CEST | Press release
Approval based on three phase 2 trials of Daiichi Sankyo and AstraZeneca’s Enhertu that demonstrated clinically meaningful responses across a broad range of tumors Enhertu now approved for six indications in the EU Enhertu® (trastuzumab deruxtecan) has been approved in the European Union (EU) as a monotherapy for the treatment of adult patients with unresectable or metastatic HER2 positive (immunohistochemistry [IHC] 3+) solid tumors who have received prior treatment and who have no satisfactory treatment options. Enhertu is a specifically engineered HER2 directed DXd antibody drug conjugate (ADC) discovered by Daiichi Sankyo (TSE: 4568) and being jointly developed and commercialized by Daiichi Sankyo and AstraZeneca (LSE/STO/NYSE: AZN). The approval by the European Commission follows the positive opinion of the Committee for Medicinal Products for Human Use of the European Medicines Agency and is based on results from subgroups of patients with HER2 positive (IHC 3+) tumors across thr
Beerenberg Prevails in Patent Case Against Aspen Aerogels29.6.2026 07:00:00 CEST | Press release
The ruling confirms that Beerenberg did not infringe Aspen Aerogels’ patents. The Korean Patent Court has invalidated three of Aspen Aerogels’ patents related to improved hydrophobic aerogel material. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260628192007/en/ Beerenberg delivers high-end insulation solutions built for performance, reliability, and long-term value. (Photo: Beerenberg) The ruling confirms the conclusion of the Intellectual Property Trial and Appeal Board (IPTAB) that the patents did not meet the necessary requirements for patentability. Beerenberg, which specializes in high-end insulation products, welcomes the court’s decision. “We are pleased that the case has now been concluded and that any uncertainty regarding the infringement claims has been removed,” says CEO Arild Apelthun. About Beerenberg Beerenberg has delivered cost-efficient solutions to a wide range of industrial enterprises for 49 years. Th
Seiden Law LLP States: Cambodian Businessman Leak Yim, Wrongfully Accused in Thailand, Seeks Redress in U.S. Court29.6.2026 06:00:00 CEST | Press release
Seiden Law LLP (“Seiden Law”), legal counsel for Mr. Leak Yim, a Cambodia national, and his family, announces the filing of an application in U.S. federal district court in Washington D.C., seeking court-ordered discovery to uncover the false and misleading information that may have led to mistaken prosecution in Thailand of Mr. Yim as well as his unwarranted identification to Congress as being associated with scam centers in Asia. 28 U.S.C. § 1782 (“1782”) provides powerful evidence-gathering remedies, permitting an applicant to obtain evidence in the United States to assist international proceedings. Seiden Law, a U.S. law firm with significant experience in 1782 cases, has filed this application to compel production of documents and sworn testimony from persons in the U.S. that will shed light on the circumstances surrounding recent actions against Mr. Yim. “Mr. Yim and his young family are the apparent victims of guilt by association and political persecution,” said Robert Seiden,
Sultan Bin Ahmed Attends Media Master's Graduation in Spain28.6.2026 18:40:00 CEST | Press release
His Highness Sheikh Sultan bin Ahmed bin Sultan Al Qasimi, Deputy Ruler of Sharjah and President of the University of Sharjah (UOS), attended on Friday, at the University of Barcelona, the graduation ceremony of the first cohort of the Master of Science in Media Entrepreneurship and Digital Innovation programme, first of its kind, offered by the University of Sharjah's College of Communication in partnership with the University of Barcelona and with strategic support from Sharjah Media City (Shams). This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260628429537/en/ Sultan Bin Ahmed attends Media Master's Graduation in Spain (Photo: AETOSWire) His Highness expressed his pride in their achievements and praised the strong partnership between the two universities, which share a commitment to knowledge, excellence and global understanding. His Highness stressed that graduation marks the beginning of a new journey rather than its con
VerSprite Launches Fork and Knife: AI-Driven Threat Modeling and Adversarial Testing Built for the Speed of Modern Software26.6.2026 23:28:00 CEST | Press release
Powered by the risk-centric PASTA methodology and two decades of accredited offensive security, the integrated platform lets enterprises threat model in a security sprint—then prove the risk through AI-led, human-on-the-loop testing. VerSprite, a global leader in risk-based threat modeling and the firm behind the PASTA (Process for Attack Simulation and Threat Analysis) methodology, today announced the general availability of Fork (www.forktm.com), a continuous application threat modeling platform, alongside Knife, an AI-led, human-on-the-loop adversarial testing platform for web applications and web API endpoints. Together, the two products operationalize a new model for product security—one where applications are securely designed, continuously modeled, and actively tested as part of the build process itself. The launch addresses a problem every security leader knows but few tools have solved: threat modeling is essential, never more so than in an AI-driven era, yet it has remained s
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom