KnowBe4 named a top workplace for 2025 in cybersecurity sector
The Top Workplaces Industry award celebrates organisations that establish people-first workplace cultures in their sectors. Energage, the entity behind the Top Workplaces programme, runs a research-based employee engagement survey and has a long-standing history of acknowledging employers across national and regional markets.
The latest recognition names KnowBe4 as an employer of choice within the cybersecurity industry, highlighting the organisation's efforts to build a supportive and empowering environment for its workforce.
Employee feedback
Energage CEO Eric Rubino commented on the significance of the accolade, emphasising the importance of employee voices in the process. In his statement, he said: "Earning a Top Workplaces award is a badge of honour for companies, especially because it comes authentically from their employees. That's something to be proud of. In today's market, leaders must ensure they're allowing employees to have a voice and be heard. That's paramount. Top Workplaces do this, and it pays dividends."
The award process leverages direct input from employees, making it a mark of authenticity regarding internal culture and satisfaction. According to the organisers, more details on KnowBe4's approach to culture are available via the Top Workplaces platform.
Leadership response
Ani Banerjee, Chief Human Resources Officer at KnowBe4, underscored the value the company places on employee experience and feedback. In a statement, Banerjee said: "At KnowBe4, we always believe that building a world-class cybersecurity organisation starts with creating an environment where employees feel valued, supported, and empowered to innovate. This Top Workplaces Industry recognition is particularly meaningful because it comes directly from the feedback of our team members - the individuals who drive our mission forward every day. We are committed to continue investing in programmes and initiatives that make KnowBe4 an employer of choice."
The recognition covers workplace initiatives and programmes that support employees at different levels, aiming to foster an environment conducive to innovation and retention.
Awards process and industry context
The Top Workplaces programme from Energage is a well-established survey and recognition scheme, with a presence in 60 regional markets and an 18-year background in culture research. The awards are determined solely by the results of the employee engagement survey, rather than by self-nomination or external judging panels.
Such industry awards can influence company reputation, impacting talent attraction and employee retention, especially in sectors where competition for skilled professionals is high.
KnowBe4's business focus
KnowBe4 focuses on cybersecurity and human risk management, with its HRM+ platform providing a variety of services such as awareness and compliance training, cloud email security, and real-time coaching, among others. The company emphasises supporting organisations to strengthen security culture by harnessing tools, content, and personalised approaches to cybersecurity threats.
The recognition from Energage reflects the current emphasis across technology industries on cultivating supportive internal cultures alongside external service delivery. The approach is seen by many as an essential factor in both business performance and industry reputation.
The Top Workplaces Industry award consolidates KnowBe4's positioning as an employer valued by its workforce, as assessed directly through employee engagement and responses collected industry-wide.
Follow us on:
Share on:
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
18-07-2025
- Techday NZ
Internal-themed phishing emails drive sharp rise in staff clicks
KnowBe4 has released its Q2 2025 Phishing Simulations Roundup report, revealing a significant rise in employee vulnerability to phishing emails, especially those that mimic internal communications. The report shows that 98.4% of the top 10 most-clicked phishing email templates imitated internal messages, with attackers frequently posing as HR or IT departments. These findings indicate a persistent susceptibility among employees to social engineering techniques that leverage trust in familiar internal sources. According to the data gathered from the KnowBe4 HRM+ platform between April and June 2025, phishing simulation patterns remain largely unchanged from the previous quarter. The report specifies that internal-themed topics overwhelmingly led to clicks, demonstrating that workplaces continue to struggle with identifying fraudulent emails disguised as routine company communications. Among the internal communications strategies employed in phishing simulations, HR-themed emails accounted for 42.5% of incidents where employees clicked on malicious links, while IT-themed messages were responsible for 21.5%. This highlights the particular vulnerability of employees to phishing attempts that exploit organisational trust and daily business processes. Phishing campaigns using branded content were also prevalent, with 71.9% of malicious landing page interactions featuring recognisable brands. Microsoft was the most frequently impersonated brand, cited in 26.7% of such incidents. LinkedIn, X, Okta, and Amazon followed, showing that attackers use brand familiarity to further their fraudulent aims. Analysis of clicked links within these campaigns revealed similar trends. Internally themed email simulations accounted for 80.6% of the top 20 most-clicked links, and of these, 68.2% used domain spoofing methods to deceive recipients. This trend underscores the complexity of modern phishing attempts which go beyond simple deception and rely on technical measures that closely imitate legitimate domain names. Attachment-based phishing methods also posed a challenge for employees. Clicks on PDF attachments saw an 8.1% increase compared with the first quarter of 2025, and PDFs constituted 61.1% of the top 20 clicked attachments. HTML files and Word documents made up the remainder, with 20.9% and 18.0% respectively. Erich Kron, Cybersecurity Advocate at KnowBe4, commented on the findings: "One of the key takeaways from the Q2 Simulated Phishing Roundup is the critical role trust plays in cybersecurity. Whether that is trust in internal communications, familiar brands, or even known individuals, phishing emails that appear to originate from reputable sources will always have a higher chance of lowering a recipient's suspicions." "We see this time and time again in real-word scenarios, where attackers use sophisticated social engineering tactics to take advantage of this fundamental human instinct, making it harder for employees to distinguish legitimate and malicious emails." Elaborating further, Kron said: "The Q2 findings reinforce the need for organisations to strengthen their human defences through a layered approach centred on human risk management. This includes employee empowerment through a combination of relevant, timely and adaptive security training and intelligent detection technology that can identify and mitigate threats in real time." The Q2 2025 findings suggest that combating phishing threats requires ongoing prioritisation from organisational leadership, particularly in the areas of training and technological support. The data indicates a need for adaptive educational programmes and advanced detection mechanisms to ensure that staff can recognise and neutralise phishing attempts disguised as routine communications. Follow us on: Share on:
Techday NZ
17-07-2025
- Techday NZ
Phishing attacks in Q2 2025 exploit trust in internal emails
KnowBe4 has released its Q2 2025 Phishing Simulation Roundup report, showing that employees remain vulnerable to phishing emails that closely mimic internal communications and well-known brands. Internal focus The report draws on data from simulated phishing exercises conducted in mid-2025 using the KnowBe4 HRM+ platform. It shows that 98.4% of the top 10 most-clicked email templates had internal themes, with human resources referenced in 42.5% of phishing failures and IT topics in 21.5%. Malicious emails that exploit trust by purporting to come from familiar sources are proving hard for employees to identify, with internal communication topics dominating the list of most successful phishing simulations. Branded threats KnowBe4's findings also indicate continued abuse of popular brands in social engineering attacks, with branded content present in 71.9% of malicious landing page interactions. Microsoft was featured in 26.7% of these interactions, followed by LinkedIn, X, Okta, and Amazon. When it came to hyperlinks within emails, the vast majority (80.6%) of the top 20 most-clicked links originated from internally-themed simulations, and 68.2% used domain spoofing techniques to appear more convincing. Attachment trends The analysis showed a rise in the use of PDF files as phishing lures. PDF attachment clicks increased by 8.1% compared to the previous quarter, and PDFs made up 61.1% of the top 20 attachments. HTML files accounted for 20.9%, with Word documents making up the remaining 18.0%. Consistency with previous quarter The trends in Q2 2025 were largely consistent with those seen in Q1 2025, emphasising the persistent nature of social engineering tactics that rely on the exploitation of trust and familiarity. Expert commentary "One of the key takeaways from the Q2 Simulated Phishing Roundup is the critical role trust plays in cybersecurity. Whether that is trust in internal communications, familiar brands, or even known individuals, phishing emails that appear to originate from reputable sources will always have a higher chance of lowering a recipient's suspicions. We see this time and time again in real-word scenarios, where attackers use sophisticated social engineering tactics to take advantage of this fundamental human instinct, making it harder for employees to distinguish legitimate and malicious emails," said Erich Kron, Cybersecurity Advocate, KnowBe4. Kron also highlighted the importance of a comprehensive approach to reducing risk: "The Q2 findings reinforce the need for organizations to strengthen their human defenses through a layered approach centered on human risk management. This includes employee empowerment through a combination of relevant, timely and adaptive security training and intelligent detection technology that can identify and mitigate threats in real time." Human element in security The Q2 2025 report points to a need for regular and adaptive security training for employees, alongside the deployment of detection technologies capable of recognising and halting phishing attempts. The data suggests that even as technical defenses improve, the human element remains a significant focus for attackers. Follow us on: Share on:
Scoop
16-07-2025
- Scoop
ComCom Saves Businesses $90 Million A Year In Payment Costs
The Commerce Commission has today issued its final decision to reduce interchange fees paid by Kiwi businesses to accept Visa and Mastercard payments. It costs New Zealand businesses around $1 billion a year to accept Visa and Mastercard payments, which is often passed onto their customers through surcharges and higher product costs. The Commission has determined this cost is too high and has acted to reduce this cost for businesses by around $90 million a year. 'This is an important step in our continued work to cut costs for businesses and consumers. Our latest decision builds on the initial fee caps set in 2022, which led to $140 million in annual savings to New Zealand businesses,' Commerce Commission Chair Dr John Small says. 'This decision cuts the cost for businesses accepting payments made through credit cards and foreign-issued cards, which are often the most expensive for businesses to accept. 'We expect our latest decision to see the average small business save around $500 each year in lower fees. Individual businesses could save more or less, depending on the mix of transactions they accept. 'In making this decision we were careful to balance lower costs for merchants today with keeping incentives for new fintechs to innovate and challenge the big established incumbents. That meant leaving enough money in the system to keep it competitive and safe from fraud and scams over the long term,' Dr Small says. Consumers can expect these cost savings to flow through to fewer and lower surcharges, but regulation may still be needed to curb excessive surcharging. 'We'll be exploring what regulation may be needed to address excessive surcharging, which we consider to be anything more than the cost businesses face to accept Visa and Mastercard payments,' Dr Small says. The Commission expects payments providers to support businesses to understand their costs to accept these payment types, so where businesses choose to surcharge it accurately reflects their cost. 'We have decided not to regulate the fees for commercial credit card or prepaid debit card payments at this time based on feedback we received during consultation. We're looking to understand more before deciding if these payment types should be regulated,' Dr Small says. Background The Commission prioritised addressing the costs businesses face to accept different payment types to ensure regulation of surcharging didn't have unintended consequences of moving costs for consumers from one area to another. Without action to lower the fees, limitations on surcharges could see businesses forced to absorb these fees and recoup the money elsewhere, like in higher product costs. Alternatively, it could lead to some businesses not offering certain payment methods, like contactless or credit, as they are too expensive. When someone uses a Mastercard or Visa credit card or makes a contactless payment, such as Paywave, the business receiving the payment is charged a 'merchant service fee'. It will most likely seek to recover this fee in the form of surcharges or higher product prices. This latest decision relates to interchange fees, which make up about 60% of merchant service fees. Mastercard and Visa card issuers (usually banks) receive an interchange fee every time a card holder uses their card at a business to make a payment. The remaining portion of the merchant service fees include fees that are paid to Mastercard and Visa, and to providers of payment services to businesses.
