European cybersecurity company Nixu has started a co-operation with one of the largest security awareness training platforms in the world: KnowBe4 solution trains company employees continuously to identify phishing and social engineering.
Over third of all cyber-attacks involve internal actors, and over third included social engineering. Many breaches result from inadequate security hygiene and a lack of attention to detail. Social engineering is getting more and more sophisticated and, therefore effective. Organizations of all sizes should pay attention to human error and cybersecurity training.
“However, most companies do not train their employees on security matters enough,” says Anu Laitila, Cybersecurity Awareness Business Manager at Nixu. Together with her team, she creates security awareness activities and programs for companies and organizations from various industries. The awareness campaigns can include lectures, exercises, games, blogs, or any kind of engaging content. The trigger can be anything that will help people to remember security actions. “We’ve even created a concept of an escape room experience for employees,” Laitila says.
A comprehensive tool to boost learning
In its services, Nixu utilizes advanced tools to enhance awareness in a variety of ways, according to the needs of its client organizations. One of the largest integrated platforms for security awareness is KnowBe4 that contains the world’s broadest library of security awareness content, including automated training campaigns, simulated phishing attacks, and a wide range of content in different formats. The company has even created a tv-series called “The Inside Man” that covers various aspects of social engineering.
With the KnowBe4 platform, CISOs can easily build automated, ongoing awareness campaigns and follow-up on the ones who need an extra hand. The campaigns can also be targeted to a specific department, such as the HR or Finance team, and help to design a personal learning pathway for them. It is also possible to utilize groups by their learning levels. The reports that KnowBe4 provides support the development of cybersecurity programs and common company practices. Risk managers, IT managers, development managers, or other managers with strategic roles can see the current state of the personnel's security maturity.
Stepping into a new era of security
Cybersecurity has long been considered only as a technical issue. With many unfortunate cybersecurity incidents, breaches and the ever-rising trend of social engineering, companies are starting to see the bigger picture and the human factor around it.
Photo: “In a few years, we’ll be looking back at this time in disbelief: how was it possible we didn’t highlight security awareness in the past,” Laitila forecasts.
Companies should invest in the technical aspect – security operation centers, software and app security, identity and access management, to name a few – but the palette is not full until there is a good security awareness program running. And this goes for companies of all sizes. The change of culture in companies is happening, and forerunner organizations adopt new working habits fast.
Anu Laitila Cybersecurity Awareness Business Manager, Nixu Corporation
tel: +358 40 845 5021 email: firstname.lastname@example.org
Nixu in Brief:
Nixu is a cybersecurity services company on a mission to keep the digital society running. Our passion is to help organizations embrace digitalization securely. Partnering with our clients we provide practical solutions for ensuring business continuity, an easy access to digital services and data protection. We aim to provide the best workplace to our team of about 400 cybersecurity professionals with a hands-on attitude. With Nordic roots we serve enterprise clients worldwide. Nixu shares are listed on the Nasdaq Helsinki stock exchange.