news
New KnowBe4 feature enables peer comparisons with security culture benchmark
nowBe4 , the provider of the world ’ s largest security
K awareness training and simulated phishing platform , has announced it has launched a new Industry Benchmark feature that allows organisations to compare their security culture with others in their industry , creating an opportunity to evaluate key information around security culture with meaningful data . This feature is available via benchmark comparison data for KnowBe4 ’ s Security Culture Survey ( SCS ).
KnowBe4 ’ s science-based SCS helps security professionals tailor training to address proficiency gaps and weaknesses , as well as monitor the impact that their security awareness training programme has on improving their users ’ knowledge and sentiment to security awareness over time . The SCS provides an overview of the seven dimensions that make up an organisation ’ s security culture and an overall security culture score for the organisation . SCS Benchmarking can be utilised to track how an organisation ’ s culture changes over time relative to a specific industry .
“ This new feature provides our customers with the ability to discover how their security culture stacks up across the seven security culture dimensions from their baseline assessment
compared to an all-industry average or their specific industry ,” said Stu Sjouwerman , CEO , KnowBe4 . “ It will allow for further analysis , awareness and proficiency when it comes to assessing an organisation ’ s overall security culture . KnowBe4 is advancing its capabilities related to security culture to help enhance our customers ’ security posture .”
More C-suite engagement needed in 2022 to mitigate cyber-risk
rend Micro , a global leader in cloud security , has
T published new research revealing that persistently low IT / C-suite engagement may imperil investments and expose organisations to increased cyber-risk . Over 90 % of the IT and business decision-makers surveyed expressed particular concern about ransomware attacks .
Despite widespread concern over spiralling threats , the study found that only around half ( 57 %) of responding IT teams discuss cyber-risks with the C-suite at least weekly .
“ Vulnerabilities used to go months or even years before being exploited after their discovery ,” said Eva Chen , CEO of Trend Micro .
“ Now it can be hours , or even sooner . More executives than ever understand that they have a responsibility to be informed , but they often feel overwhelmed by how rapidly the cybersecurity landscape evolves .”
Fortunately , current investment in cyber initiatives is not critically low . Just under half ( 42 %) of respondents claimed their organisation is spending most on ‘ cyberattacks ’ to mitigate business risk . This was the most popular answer , above more typical projects like Digital Transformation ( 36 %) and workforce transformation ( 27 %). Around half ( 49 %) said they have recently increased investments to mitigate the risks of ransomware attacks and security breaches .
However , low C-suite engagement combined with increased investment suggests a tendency to ‘ throw money ’ at the problem rather than develop an understanding of the cybersecurity challenges and invest appropriately . The study follows previous Trend Micro research revealing a worrying cybersecurity disconnect between business and IT leaders – perpetuated by self-censorship from cyber experts and disagreements over who is ultimately responsible . u www . intelligentciso . com
13