Latest news with #KnowBe4
Channel Post MEA
4 days ago
- Business
- Channel Post MEA
KnowBe4 Unveils AI-Driven Prevent To Tackle Outbound Email Risk
KnowBe4 has announced the release of KnowBe4 Prevent across all market segments – an AI-driven email security product designed to enable organizations to manage the problem of outbound email risk. Following the release of Prevent Enterprise, Prevent is now available to suit the needs of small to medium-sized businesses. In 2025, human error remains the leading cause of data breaches (according to Verizon, 60% of incidents involve the 'human element'). The overwhelming volume of digital communications creates more opportunities for employees to expose sensitive information to the wrong recipients, attaching incorrect files, or inadvertently including confidential data. These breaches incur severe penalties, financial losses, and reputational damage, underscoring the critical need for prevention. However, traditional Data Loss Prevention (DLP) offerings rely solely on inflexible static rules and lack real visibility into what is being sent, to whom, and when. To address this challenge, KnowBe4 introduces Prevent, an AI-native outbound email security product that alerts your employees in real time when they are about to send emails and attachments to the wrong person. Prevent proactively detects and stops the full spectrum of outbound email security threats, including: Misdirected emails to incorrect recipients, including those as a result of autocomplete Unauthorized sharing of sensitive information Replies to suspicious emails and newly registered domains Data exfiltration attempts by malicious insiders or compromised accounts Misattached files, including hidden data within attachments (Prevent Enterprise) Internal unauthorized disclosure and breach of information barriers (Prevent Enterprise) Combined with detailed reporting and analytics, security teams are able to get a complete view of outbound security risk across the organization, behavioral analytics of users' interactions with Prevent's prompts and quantification of the prevented incidents to demonstrate efficacy and return on investment (ROI). 'Outbound email risk continues to be one of the most persistent and costly challenges an organization can face – one that requires smarter, more adaptive approaches to effectively address them,' said Greg Kras, chief product officer at KnowBe4. 'KnowBe4 has a proven track record of effectively addressing Human Risk Management, so we are proud to expand that coverage to include outbound email risk. Prevent is the most intelligent and proactive outbound email security product among today's email data loss prevention methods. Unlike traditional products, it uses advanced machine learning and contextual understanding of user behavior to identify risky actions in real time and prevent a data breach before it occurs. This allows organizations to stop incidents at the source, empower employees to make safer decisions, and enable security teams to manage and reduce risk at scale.'
Techday NZ
4 days ago
- Business
- Techday NZ
Internal-themed phishing emails drive sharp rise in staff clicks
KnowBe4 has released its Q2 2025 Phishing Simulations Roundup report, revealing a significant rise in employee vulnerability to phishing emails, especially those that mimic internal communications. The report shows that 98.4% of the top 10 most-clicked phishing email templates imitated internal messages, with attackers frequently posing as HR or IT departments. These findings indicate a persistent susceptibility among employees to social engineering techniques that leverage trust in familiar internal sources. According to the data gathered from the KnowBe4 HRM+ platform between April and June 2025, phishing simulation patterns remain largely unchanged from the previous quarter. The report specifies that internal-themed topics overwhelmingly led to clicks, demonstrating that workplaces continue to struggle with identifying fraudulent emails disguised as routine company communications. Among the internal communications strategies employed in phishing simulations, HR-themed emails accounted for 42.5% of incidents where employees clicked on malicious links, while IT-themed messages were responsible for 21.5%. This highlights the particular vulnerability of employees to phishing attempts that exploit organisational trust and daily business processes. Phishing campaigns using branded content were also prevalent, with 71.9% of malicious landing page interactions featuring recognisable brands. Microsoft was the most frequently impersonated brand, cited in 26.7% of such incidents. LinkedIn, X, Okta, and Amazon followed, showing that attackers use brand familiarity to further their fraudulent aims. Analysis of clicked links within these campaigns revealed similar trends. Internally themed email simulations accounted for 80.6% of the top 20 most-clicked links, and of these, 68.2% used domain spoofing methods to deceive recipients. This trend underscores the complexity of modern phishing attempts which go beyond simple deception and rely on technical measures that closely imitate legitimate domain names. Attachment-based phishing methods also posed a challenge for employees. Clicks on PDF attachments saw an 8.1% increase compared with the first quarter of 2025, and PDFs constituted 61.1% of the top 20 clicked attachments. HTML files and Word documents made up the remainder, with 20.9% and 18.0% respectively. Erich Kron, Cybersecurity Advocate at KnowBe4, commented on the findings: "One of the key takeaways from the Q2 Simulated Phishing Roundup is the critical role trust plays in cybersecurity. Whether that is trust in internal communications, familiar brands, or even known individuals, phishing emails that appear to originate from reputable sources will always have a higher chance of lowering a recipient's suspicions." "We see this time and time again in real-word scenarios, where attackers use sophisticated social engineering tactics to take advantage of this fundamental human instinct, making it harder for employees to distinguish legitimate and malicious emails." Elaborating further, Kron said: "The Q2 findings reinforce the need for organisations to strengthen their human defences through a layered approach centred on human risk management. This includes employee empowerment through a combination of relevant, timely and adaptive security training and intelligent detection technology that can identify and mitigate threats in real time." The Q2 2025 findings suggest that combating phishing threats requires ongoing prioritisation from organisational leadership, particularly in the areas of training and technological support. The data indicates a need for adaptive educational programmes and advanced detection mechanisms to ensure that staff can recognise and neutralise phishing attempts disguised as routine communications. Follow us on: Share on:
Techday NZ
4 days ago
- Business
- Techday NZ
Phishing attacks in Q2 2025 exploit trust in internal emails
KnowBe4 has released its Q2 2025 Phishing Simulation Roundup report, showing that employees remain vulnerable to phishing emails that closely mimic internal communications and well-known brands. Internal focus The report draws on data from simulated phishing exercises conducted in mid-2025 using the KnowBe4 HRM+ platform. It shows that 98.4% of the top 10 most-clicked email templates had internal themes, with human resources referenced in 42.5% of phishing failures and IT topics in 21.5%. Malicious emails that exploit trust by purporting to come from familiar sources are proving hard for employees to identify, with internal communication topics dominating the list of most successful phishing simulations. Branded threats KnowBe4's findings also indicate continued abuse of popular brands in social engineering attacks, with branded content present in 71.9% of malicious landing page interactions. Microsoft was featured in 26.7% of these interactions, followed by LinkedIn, X, Okta, and Amazon. When it came to hyperlinks within emails, the vast majority (80.6%) of the top 20 most-clicked links originated from internally-themed simulations, and 68.2% used domain spoofing techniques to appear more convincing. Attachment trends The analysis showed a rise in the use of PDF files as phishing lures. PDF attachment clicks increased by 8.1% compared to the previous quarter, and PDFs made up 61.1% of the top 20 attachments. HTML files accounted for 20.9%, with Word documents making up the remaining 18.0%. Consistency with previous quarter The trends in Q2 2025 were largely consistent with those seen in Q1 2025, emphasising the persistent nature of social engineering tactics that rely on the exploitation of trust and familiarity. Expert commentary "One of the key takeaways from the Q2 Simulated Phishing Roundup is the critical role trust plays in cybersecurity. Whether that is trust in internal communications, familiar brands, or even known individuals, phishing emails that appear to originate from reputable sources will always have a higher chance of lowering a recipient's suspicions. We see this time and time again in real-word scenarios, where attackers use sophisticated social engineering tactics to take advantage of this fundamental human instinct, making it harder for employees to distinguish legitimate and malicious emails," said Erich Kron, Cybersecurity Advocate, KnowBe4. Kron also highlighted the importance of a comprehensive approach to reducing risk: "The Q2 findings reinforce the need for organizations to strengthen their human defenses through a layered approach centered on human risk management. This includes employee empowerment through a combination of relevant, timely and adaptive security training and intelligent detection technology that can identify and mitigate threats in real time." Human element in security The Q2 2025 report points to a need for regular and adaptive security training for employees, alongside the deployment of detection technologies capable of recognising and halting phishing attempts. The data suggests that even as technical defenses improve, the human element remains a significant focus for attackers. Follow us on: Share on:
Techday NZ
5 days ago
- Business
- Techday NZ
KnowBe4 named a top workplace for 2025 in cybersecurity sector
KnowBe4 has been recognised as a 2025 Top Workplaces Industry winner by Energage, based on employee feedback and workplace culture. The Top Workplaces Industry award celebrates organisations that establish people-first workplace cultures in their sectors. Energage, the entity behind the Top Workplaces programme, runs a research-based employee engagement survey and has a long-standing history of acknowledging employers across national and regional markets. The latest recognition names KnowBe4 as an employer of choice within the cybersecurity industry, highlighting the organisation's efforts to build a supportive and empowering environment for its workforce. Employee feedback Energage CEO Eric Rubino commented on the significance of the accolade, emphasising the importance of employee voices in the process. In his statement, he said: "Earning a Top Workplaces award is a badge of honour for companies, especially because it comes authentically from their employees. That's something to be proud of. In today's market, leaders must ensure they're allowing employees to have a voice and be heard. That's paramount. Top Workplaces do this, and it pays dividends." The award process leverages direct input from employees, making it a mark of authenticity regarding internal culture and satisfaction. According to the organisers, more details on KnowBe4's approach to culture are available via the Top Workplaces platform. Leadership response Ani Banerjee, Chief Human Resources Officer at KnowBe4, underscored the value the company places on employee experience and feedback. In a statement, Banerjee said: "At KnowBe4, we always believe that building a world-class cybersecurity organisation starts with creating an environment where employees feel valued, supported, and empowered to innovate. This Top Workplaces Industry recognition is particularly meaningful because it comes directly from the feedback of our team members - the individuals who drive our mission forward every day. We are committed to continue investing in programmes and initiatives that make KnowBe4 an employer of choice." The recognition covers workplace initiatives and programmes that support employees at different levels, aiming to foster an environment conducive to innovation and retention. Awards process and industry context The Top Workplaces programme from Energage is a well-established survey and recognition scheme, with a presence in 60 regional markets and an 18-year background in culture research. The awards are determined solely by the results of the employee engagement survey, rather than by self-nomination or external judging panels. Such industry awards can influence company reputation, impacting talent attraction and employee retention, especially in sectors where competition for skilled professionals is high. KnowBe4's business focus KnowBe4 focuses on cybersecurity and human risk management, with its HRM+ platform providing a variety of services such as awareness and compliance training, cloud email security, and real-time coaching, among others. The company emphasises supporting organisations to strengthen security culture by harnessing tools, content, and personalised approaches to cybersecurity threats. The recognition from Energage reflects the current emphasis across technology industries on cultivating supportive internal cultures alongside external service delivery. The approach is seen by many as an essential factor in both business performance and industry reputation. The Top Workplaces Industry award consolidates KnowBe4's positioning as an employer valued by its workforce, as assessed directly through employee engagement and responses collected industry-wide. Follow us on: Share on:
Techday NZ
6 days ago
- Business
- Techday NZ
KnowBe4 launches AI-powered Prevent to tackle email risk
KnowBe4 has launched KnowBe4 Prevent, an artificial intelligence-powered email security solution targeted at small to medium-sized businesses to address outbound email risks. The company stated that the new tool uses advanced machine learning, neural networks, and behavioural analytics to help employees avoid sending emails and attachments to unintended recipients. The release follows the earlier deployment of Prevent Enterprise and represents a broader offering now available to suit organisations of varying sizes. AI for outbound security According to KnowBe4, increasing digital communications amplify the risk of human error, which remains the leading contributor to data breaches. Quoting industry data, the company noted that "In 2025, human error remains the leading cause of data breaches (according to Verizon, 60% of incidents involve the 'human element')." Risks from email include exposing sensitive information to the wrong individuals, misattaching files, or including confidential data inadvertently. Penalties for such breaches reportedly include financial losses and reputational harm. Traditional data loss prevention solutions, KnowBe4 asserted, often rely on static rules and lack the real-time contextual sensitivity required to track what is being sent, to whom, and when. Prevent aims to address these limitations. It alerts users in real time when they are on the verge of sending information to unintended recipients, and actively detects a range of outbound email security threats. These include misdirected emails, unauthorised sharing of sensitive data, responses to suspicious emails and new domains, as well as attempts at data exfiltration from malicious insiders or compromised accounts. For customers using the Prevent Enterprise version, additional controls are available against the unauthorised disclosure and the transmission of hidden data within attachments. Reporting and behavioural analytics The product also incorporates detailed reporting and analytics tools. These give security teams visibility into organisation-wide outbound security risks, chart users' interactions with Prevent's prompts, and quantify the incidents averted to help demonstrate the product's efficacy and return on investment. Outbound email risk continues to be one of the most persistent and costly challenges an organization can face – one that requires smarter, more adaptive approaches to effectively address them. KnowBe4 has a proven track record of effectively addressing Human Risk Management, so we are proud to expand that coverage to include outbound email risk. Prevent is the most intelligent and proactive outbound email security product among today's email data loss prevention methods. Unlike traditional products, it uses advanced machine learning and contextual understanding of user behavior to identify risky actions in real time and prevent a data breach before it occurs. This allows organizations to stop incidents at the source, empower employees to make safer decisions, and enable security teams to manage and reduce risk at scale. These remarks were made by Greg Kras, Chief Product Officer at KnowBe4, as part of the launch statement. Market context The arrival of KnowBe4 Prevent comes as businesses across sectors face increasing regulatory expectations on data protection, particularly with rising numbers of incidents attributed to employee mistakes in digital communications. The implementation of technologies that support real-time monitoring and adaptive intervention is emerging as a trend in organisational approaches to human risk management. With over 70,000 organisations worldwide reportedly using KnowBe4's broader platform, the introduction of Prevent represents the company's continued emphasis on combining technological and human factors in cybersecurity protocols. The platform's range includes awareness and compliance training, email security, real-time coaching, anti-phishing capabilities, and defence agents driven by artificial intelligence, with the intention to help organisations move from being vulnerable to becoming more resilient assets within their own systems.
