KnowBe4 Brings Artificial Intelligence to Security Awareness Training

It seems that you cannot have a new security product without a machine learning component. It makes sense. Machine learning recognizes patterns and returns probabilities. Risk (and cyber security is all about risk) is also about patterns and probabilities. Binary security is beginning to look a bit old.

Now machine learning has entered security awareness training. Security awareness training firm KnowBe4 has added a Virtual Risk Officer (VRO), a Virtual Risk Score (VRS), and Advanced Reporting (AR) features to its security awareness training and simulated phishing platform.

“We’ve integrated a deep learning neural network that evaluates how risk changes over time within an organization,” explains Stu Sjouwerman, CEO of KnowBe4, “which helps cybersecurity professionals measure how their security awareness program performs.”

Traditional simulated phishing tells organizations which of their employees are deceived by a simulated phish, and which ones recognized it. On its own, it gives no real measure of the probability of the employees falling for a future — perhaps malicious — phish.

This is the purpose of the VRO and the VRS. The VRO helps the security team to identify risk at the user, group or organizational level. This makes future awareness training plans more relevant. The VRS highlights which groups are particularly vulnerable to social engineering attacks — again allowing the security team to more finely focus its training.

Machine learning works by analyzing data and detecting patterns that would normally be missed by human analysts. KnowBe4’s approach is to draw the raw data from five categories. These are breach history (has the user been exposed in a prior breach made publicly known); extent of training; the state of their ‘phish-prone percentage’ (which is a KnowBe4 measure of the user’s fail points); the level of risk for their operational group (for example, working in finance would be a high risk level); and a booster feature that allows the security team to adjust for known risk factors.

Sjouwerman told SecurityWeek how this works. “Each user will have a Personal Risk Score. The risk score for an organization’s groups and an organization is a calculation based on the Personal Risk Scores of all of the members of that group or organization.”

That personal risk score, he continued, “is calculated by several different factors including how likely the user is to be targeted with a phishing or social engineering attack, how they will react to these types of events, and how severe the consequences would be if they fell for an attack.”

For example, the Personal Risk Score of employees in an Accounting Department will be higher than those of employees in the Graphic Design Department, because an Accounting Department has access to sensitive financial data. “Similarly,” he added, “a CEO or CFO will have a higher risk score than a Marketing Director, because the C-level executives may have access to classified or proprietary information about the organization.”

The effect of KnowBe4’s neural network is to bring together all of these different factors into a single metric: the virtual risk score that is based on more than just the user’s phishing and training performance. The process is rounded off by KnowBe4’s new Advanced Reporting feature. This, says the company, gives access to more than 60 built-in reports with insights that give a holistic view of the entire organization over time. Each report, which is now available immediately, gives visibility into the organization’s security awareness performance based on trainings taken and simulated phishing data.

“Before AR and VRO,” explains Sjouwerman, “the admin could see Phish-prone percentage and training but could not correlate those two items. AR allows the correlation and VRO takes that to the next level by also incorporating additional data such as user exposure and role within the organization.”

Clearwater, FL-based KnowBe4 was founded by Stu Sjouwerman in 2010. It raised $30 million in Series B financing led by Goldman Sachs Growth Equity (GS Growth) in October 2017, bringing the total funding to date to $44 million.
