KnowBe4 offers real-time coaching to stop phishing with new HDR tool

Human error is one of the main vulnerabilities that cybercriminals use to gain access to enterprise networks. A single click on a link or attachment in a phishing email is all it takes for a threat actor to hijack an employee’s online account. 

In fact, according to Verizon, 82% of breaches involve the human element, which includes social attacks, errors and misuse. 

However, an organization’s best line of defense against these attacks is security awareness itself. That’s why today, security awareness provider KnowBe4 announced the release of SecurityCoach, a human detection and response (HDR) solution, which identifies and responds to high-risk employee behavior with real-time security coaching.

For enterprises, this approach provides an opportunity to bolster existing security awareness training efforts, and to provide employees with guidance at the point of use so they can better protect their devices and online accounts from threat actors. 

Coaching as the answer to phishing 

The announcement comes amid a spate of high-profile phishing attacks, with hackers using a phishing email to access Dropbox’s private GitHub repositories. It also comes after a malicious Twitter campaign began targeting verified accounts holders to take advantage of Elon Musk’s introduction of an $8 monthly fee. 

Phishing scams are popular among attackers because they’re low-risk and high reward. It’s relatively simple to craft an email impersonating a popular brand like Office 365 and send it out to victims hoping that one privileged user makes the mistake of clicking through to a fake portal site and entering their login credentials. 

At the same time, there’s lots of pressure on employees to continuously make the right security decisions, and to identify manipulation attempts at speed. SecurityCoach aims to simplify this process by detecting high-risk behaviors and offering users coaching to reinforce their existing security awareness knowledge. 

“With SecurityCoach, we are introducing a new product category that automates the delivery of real-time security coaching and advice to help end users enhance their cybersecurity knowledge and strengthen their role in contributing to a strong security culture,” said Stu Sjouwerman, CEO of KnowBe4. 

The new tool is part of an emerging solution category. “KnowBe4 is driving a new human-centric category in cybersecurity— HDR — entirely focused on helping our customers improve their security posture by inoculating their end users against security threats using our new-school security awareness platform,” Sjouwerman said. 

A look at the security awareness training market 

KnowBe4 is one of the most significant vendors in the security awareness training market, which researchers estimate will grow from $1.9 billion in 2022, to a value of $12.1 billion in 2027. 

One of KnowBe4’s main competitors in the market is Proofpoint, a six-time Gartner Magic Quadrant leader that offers a security awareness platform providing phishing simulation tests, knowledge assessments, culture assessments and reports on top clickers (i.e., employees who’ve clicked on phishing links the most). 

Proofpoint most recently disclosed raising $308.7 million in revenue for the second quarter of 2021. 

Another competitor is Infosec, with a solution that offers users simulated phishing attacks and dashboard-driven reports on user performance, alongside PhishHunter email threat analysis to analyze message content, and an endpoint protection integration. 

KnowBe4’s release of HDR will help to differentiate its product ecosystem from these competitors by providing users with greater support at the point-of-use, so they can make better security decisions.