Report: Security awareness training to become ‘multi-billion industry’ in 2017

Written by Mitnick Security | Mar 2, 2017 12:00:00 AM

KnowBe4, provider of the most popular platform for security awareness training and simulated phishing, along with Cybersecurity Ventures, a leading research and marketing intelligence firm focused on the cybersecurity industry, have released a joint market report examining the state of spending in the overall security awareness training market.

According to Steve Morgan, founder and editor-in-chief at Cybersecurity Ventures, security awareness training will become a multi-billion dollar industry in 2017. Additionally, he further projects that by 2021 Fortune 500 and Global 2000 corporations will consider security awareness training as ‘fundamental’ to their cyber-defense strategies, with small businesses following shortly thereafter. “Security awareness training for employees is the most under spent sector of the cybersecurity industry,” says Morgan.

Organizations of every size are starting to recognize that inside threats are as significant as outside threats. Users will be a crucial part of any organization’s information security program, and training those users to recognize the overtures of malicious actors will be critical to hardening the “people layer,” also known as the last line of defense against cyberattacks. As the number of online users increases — one estimate says there will be four billion people online by 2020 — and the need to train them in security awareness grows, Morgan sees the possibility of the overall market reaching $10 billion by 2027.

Stu Sjouwerman, CEO of KnowBe4, describes new-school awareness training as “proven to be very effective in creating a human firewall, a company’s last line of defense.” Sjouwerman goes on to say “New-school security awareness training has by far the best ROI of any security layer. Users see Phish-prone percentages go from an average of 15 to 20 percent down to one to two percent after a year.”

While necessity is the prime driver behind the growth of awareness training, there are other factors contributing to growth, too, such as improvements in the training itself. New-school security awareness training, for example, has seen significant growth over the past five years because it’s effective, useful and users are more apt to actively participate than ever before. It combines interactive training in the browser with frequent simulated phishing attacks straight into the user’s email inbox.

To find out how prone you are to a phishing attack, sign up here for KnowBe4’s test. To view a copy of the full Security Awareness Training Report, please visit: http://cybersecurityventures.com/security-awareness-training-report-2017/.

Source: GSN: Government Security News,