Utilizing security awareness training and phishing security tests can be a useful and effective tool to reduce unintentional insider threats. However, if robust metrics are not put in place to effectively gauge the click rate patterns from a human landscape perspective, phishing tests can create organizational social engineering blind spots. Meaningful phishing assessment metrics should go beyond the click rate, and understand human patterns relative to their job and work environment.
This whitepaper reports the results of a 6-month experimental study testing the effectiveness duration of the 40-minute KnowBe4 “Kevin Mitnick Security Awareness Training”. The scope of the experiment was on common workplace phishing emails tested among small to medium size companies. This whitepaper was sponsored by KnowBe4.