KnowBe4 is the company that has Kevin Mitnick as its chief hacking officer, and claims to be the most popular integrated platform for security awareness training and simulated phishing tests, with thousands of enterprise customers.
According to Stu Sjouwerman, CEO at KnowBe4, phishing emails are involved in a variety of attacks, including ransomware and business email compromise fraud.
"BEC and ransomware are on pace to be a $1 billion a year crime this year," he said.
KnowBe4 also offers a free phishing security test for up to 100 employees. The company also has a one-time free email exposure check that identifies employees' email addresses that are exposed to the public.
The company claims over 1,000 enterprise customers and offers automated phishing tests and training modules. One of the earliest vendors in this space, Wombat grew out of research at Carnegie Mellon University in 2008.
It makes sense that the company continues to focus on research, and it regularly puts out research reports about phishing trends and training effectiveness. For example, Wombat worked with the Ponemon Institute to determine that the average-performing program resulted in a 37-fold return on investment,
According to Joe Ferrara, CEO at Wombat Security Technologies, phishing costs the average 10,000-employee organization $3 million a year -- and a successful training program can reduce the number of employees falling for phishing attacks by up to 90 percent.
One key to a successful program, he said, is to automatically send the employee to a phishing training module right after they fail a phishing test.
That's the point where they're most motivated to improve, he said.
The company offers anti-phishing training, simulated phishing attacks, a monthly newsletter, posters, digital signage, and other job aids to provide a constant stream of tips and best practices that can help keep security top-of-mind for employees.
Customers include Franklin Templeton Investments, ING, Chicago Mercantile Exchange, Tata, RedBox, ADP, Jhnson Controls, Bridgestone, the USDA, and ABB.
The company says that it has more than five million users worldwide, and the programs reduce phishing succeptibility by more than 92 percent.
Its PhishProof product is available as a completely managed service where the company's team of experts designs and deploys assessments and training, or as a software-as-a-service model with online software that can be used to create and deploy assessment within minutes.
Blackfin Security, part of Symantec, offers phishing simulation and training. The awareness training can be integrated right into the phishing simulation assessments with immediate in-line training, or users can schedule follow-up training that fits their schedule.
Sign up for Computerworld eNewsletters.