Phishing prevention: KnowBe4 reduces human error in cybersecurity

Effectively managing the ongoing challenge of social engineering involves implementing security awareness, training, compliance testing and fake phishing to identify vulnerabilities.

KnowBe4 Inc. addresses human error in cybersecurity through phishing prevention and implementing security awareness, according to Stu Sjouwerman (pictured, left), founder and chief executive officer of KnowBe4.

KnowBe4’s Stu Sjouwerman and Egress Software’s Tony Pepper talk to theCUBE about phishing prevention.

“We now have this platform with almost 70,000 customers and 60,000 users,” he said. “We did find that advanced threat actors make it through the old security email gateways that make it through the filters. And you need an ICES, and this is where Tony comes in, that lives and catches those very super sophisticated phishing attacks so you can provide a whole platform and decrease your vendors.”

Sjouwerman and Tony Pepper (right), co-founder and chief executive officer of Egress Software Technologies Ltd., spoke with theCUBE Research chief analyst Dave Vellante at the RSA Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how KnowBe4 and Egress are teaming up to address human risk management in organizations by using artificial intelligence and data. (* Disclosure below.)

KnowBe4’s strategies for phishing prevention

Businesses need to focus on detecting behavioral-based threats, particularly through email, as it is the number one concern in the changing threat landscape. Furthermore, a new approach is needed to combine AI-based threat detection with personalized training based on real-life threat telemetry, according to Pepper.

“Email’s really the number one threat that is a real concern. But the threat landscape’s changed … the world is struggling with behavioral-based threats,” Pepper said. “The old days of payload-based attacks, they’re kind of gone. It’s all using highly sophisticated models. Crime as a service is now an industry which you can fire up incredibly sophisticated attacks at low cost and serve them up to the world. I think we need to move on to a new approach.”

AI and data are crucial in detecting and preventing advanced attacks. Access to data is essential for training models, and data can be used to build better detection and filter out attacks to protect customers’ IPs, Sjouwerman pointed out.

“To be able to deliver something at scale that’s truly something different, you need scale data. That’s what’s super interesting about, ultimately, a KnowBe4 customer, is if you can take that data, that information you have on how they react to phishing campaigns, how they report it,” Pepper said. “When you’ve got that data and you can plug that into a whole series of models, and then you can use that to flip it on its head to then build better detection, which, of course, then is self-trained, then you’ve got something really different.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of the RSA Conference:

(* Disclosure: KnowBe4 Inc. sponsored this segment of theCUBE. Neither KnowBe4 nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE