A Highly Customizable InfoSec Training Platform That's Worth the Price
Updated July 08, 2022
Verified User Director in Information Technology Higher Education Company, 501-1000 employees
Score10 out of 10
Vetted Review
Verified User
Software Version
Training Access Level III (Diamond)
Modules Used
- KnowBe4 Training Modules (e.g. Common Threats, Creating Strong Passwords, GDPR, etc.)
- The Security Awareness Company Content Library
- Popcorn Training
- Phishing
Overall Satisfaction with KnowBe4 Security Awareness Training
Use Cases and Deployment Scope
There are three primary opportunities for which we employ KnowBe4: Onboarding new employees with mandatory infosec training and including organization-specific information Phishing Ongoing topics in infosec fundamentals for the organization The onboarding program is set to automatically enroll new employees, requiring them to complete a series of modules that takes about 20 minutes. Then, to complete the training, they have to read our Acceptable Use Policy. But it's the phishing tests we perform that provide accurate measurements on how aware our users are of the potential risks and it's this area that KnowBe4 really performs well for us
Pros and Cons
Phishing
Being able to create custom campaigns
Being able to include non-KB4 material (such as our own documentation) into a campaign
KB4 does a wonderful job of keeping content and material up to date
There are industry-standard professional certifications for infosec. Would love to see KB4 offer professional training geared toward completing some of these certifications.
Return on Investment
Decrease in ID theft through better phishing awareness
Fewer support calls to the help desk through users knowing how to spot suspicious links and emails
Alternatives Considered
SANS Security Awareness Training
Hands down, KnowBe4 has been a superior product for us. Its reporting features are easy to set up, run, and allows for greater analysis of campaign results. This alone has justified the switch. Additionally, there is a far more comprehensive library of material and, within that library, and excellent variety of types (gamefied, video, etc.)
Key Insights
Do you think KnowBe4 Security Awareness Training delivers good value for the price?
Yes
Are you happy with KnowBe4 Security Awareness Training's feature set?
Yes
Did KnowBe4 Security Awareness Training live up to sales and marketing promises?
Yes
Did implementation of KnowBe4 Security Awareness Training go as expected?
Yes
Would you buy KnowBe4 Security Awareness Training again?
Yes
KnowBe4 Training Content
The speed with which new content is provided has allowed us to keep up to date with current security topics and threats. That, in turn, has provided an increase in the number of our users reporting suspicious emails and link instead of clicking on them. The up to date content has really been impactful in a positive way.
KnowBe4 User Management
We use SSO and so all logins are handled through Active Directory. This has made user management an easy thing to maintain. Setting up SSO was fast and we did not encounter any difficulties. And, having the SSO login increased the adoption rate and completion rate of assigned training since users were able to use their organization credentials instead of having to create and remember another login.
KnowBe4 Reporting
For phishing campaigns, we look primarily at the click rates for both links and attachments. We do, of course, measure those against the open rate so we can determine the percentage of users who received the email and clicked on a link/attachment. But this also needs to be looked at in relation to KnowBe4's reporting capabilities so we can measure the trends over time.
Other Software Used
SANS Security Awareness Training
Likelihood to Recommend
In addition to the excellent and relevant topics and modules, our account rep with KnowBe4 has been fantastic. She schedules regular meetings to go over new areas of KnowBe4, assists with campaign building (whether it's answering questions about how to set something up or offering ideas and insights into different ways of running a campaign), and just check-in to see if there is anything KnowBe4 can do to help us use our platform. In IT, far too many vendors simply want to sell the license/subscription and then move on. KnowBe4 wants to ensure we're seeing the value and getting a return on the investment into the platform. As good as the material is, it's the customer service and support that has really helped us use KnowBe4 to a much better extent than other infosec training companies that we've used in the past.
KnowBe4 Security Awareness Training Feature Ratings
9.5
Training Content Library
10
Multilingual Training Content
Not Rated
Training Gamification
10
Industry-Specific Security Training
9
Individualized Security Training Plans
8
Phishing Simulations
10
Security Reporting
10
Integration with Security Tech Stack
Not Rated
9.0
Role-based user permissions
8
Single sign-on capability
10
KnowBe4 Compliance Plus
Training Content
Excellent. In higher education, FERPA is a critically important compliance issue and the training materials provided have been very helpful
Value of Centralized Services
NA
Cost
Yes
NA
Cost Comparison
Unsure
KnowBe4 Security Awareness Training New Features
User Provisioning
It's made the adoption rate and the completion rate grow. With a prior security training platform we used, we didn't have SSO and one of the chief UX complaints we received dealt with having to create yet another online ID and maintain that password. SSO made it much easier for the users.
From the IT side, SSO resolves one of our more irritating tasks of deprovisioning ex-employees, adding new employees, and all the other tasks associated with user management
Can't really speak to this yet as our primary focus has been on phishing campaigns so far and less on the awareness training.
Usability
10
The interface is pretty straightforward and easy to navigate. It will take a bit of time to figure out simply because the offering is so vast and there's much to it but once you get familiar with how they've arranged things, it's quick and easy to work your way through. KnowBe4 was really helpful in getting us set up with SSO as well.
Security Awareness Training with PhishER
We haven't used this yet
Using KnowBe4 Security Awareness Training
Users and Roles
We require awareness training to be completed by all employees of the organization. This covers everyone from admissions to marketing to IT to accounting, to faculty to...
Support Headcount Required
1-It's important to, at the absolute very least, have one person on the support team at your organization to be familiar with the basic tenets of information security, identity security, and online safety. They don't need to be experts but they do need to understand why these areas are a concern and the devastating impact that a security breach can have on the financial position of the organization.
Business Processes Supported
Reducing liability to the organization by training people on phishing techniques
Teaching people to be very careful of what PII they share
Teaching people that security awareness at home and at the office are linked
Innovative Uses
By including custom material (like tech and info policies) into training campaigns, we've been able to ensure that employees have read updated versions
Future Planned Uses
We plan to roll out role- and department-specific awareness training within the next 12 months
Likelihood to Renew
10
Awareness training is not a (and should not be) single "one and done" event. It's an ongoing, critical part of any organization's security efforts. As new threats arise, it's important that we have immediately available training materials to roll out to our organization. Security training is no longer a luxury for any organization.
Evaluating KnowBe4 Security Awareness Training and Competitors
Products Replaced
Yes-SANs was our platform before. Although the content was useful and up to date, the reporting capabilities just weren't what we needed. KnowBe4's reporting, combined with the dashboard, makes it a lot easier to quickly understand what is happening at my organization in a glance.
Key Differentiators
Product Features
Product Usability
Product Reputation
As I have mentioned a few times in my review, it's the administration portion of KnowBe4 that really sold us on the platform. It has great content and we do appreciate the various methods of content delivery but we keep coming back and renewing the subscription because, as the IT admin for our InfoSec initiatives, the ease of use and ability to see at a glance what is happening makes this a great platform to use.
Evaluation Lessons Learned
NA
KnowBe4 Security Awareness Training Support
KnowBe4 Security Awareness Training Customer Support Pros and Cons
Pros | Cons |
---|---|
Quick Resolution Good followup Knowledgeable team Problems get solved Kept well informed No escalation required Immediate help available Support understands my problem Support cares about my success Quick Initial Response | None |
Premium Support
We did not
Bug Resolution
No
Exceptional Examples of KnowBe4 Security Awareness Training Support
I've reached out a couple times to get assistance with setting up a campaign with more complex logic or with adding complexity to phishing attempts and both times not only was my request for help answered quickly, but within a very short period of time, we had a one on one training session provided to walk us through the process.
Support Rating
10
As I already mentioned, KnowBe4 is an excellent company when it comes to supporting and post-purchase service. I know that, at any time, I can call my account rep and she will schedule as much time as I need to help with things from setting up campaigns, going over new modules and areas of content, and much more. The customer service is what puts KnowBe4 ahead of its competitors (and one of the reasons we switched from a different training provider to KnowBe4)