Companies used to turn a blind eye against Ransomware, in denial of the possibility they too could be the victim of an attack. All that turned to smoke when the virus WannaCry decimated computer systems around the world in May of 2017. Hundreds of thousands of computers were held ransom, their machines inoperable, and the tons of data within them rendered unusable by the hackers’ encryption code. No emails could come in and out. Documents, especially those that were vital for sales and operations, could no longer be accessed. The WannaCry hackers were asking at least $300 in bitcoin ransom from each company to release the encryption code that could free the computers and restore the data.
The Miami Herald estimates that about 200,000 to 300,000 computers in 150 countries around the world were infected. Not many of them paid up and as a result lost their data. In his interview with the paper, KnowBe4 Chief Executive Stu Sjouwerman said that the projected damage in downtime caused by WannaCry reached $1 billion. During those four days in May that held these companies captive, they could not do business, attend to their customers, hold game-changing partnership meetings, and deliver on their services. Loss of income was just the tip of the iceberg; customer satisfaction and confidence in these affected companies also declined. The companies that did not pay up would take months to recover in just tracking and putting together their lost data, and then translate it into a recognizable form that their staff can use to contact their customers and other shareholders.
In another interview with Marketplace, Sjouwerman said that business heads find it a “no-brainer” to pay up because failure to do so will lose them months of work. The organizations also risk shutting down completely. Sometimes even backup systems fail, forfeiting any chances for recovery.
That’s why, especially in hacking cases, an ounce of prevention is better than a pound of cure. KnowBe4 offers security awareness and training to corporate employees, making them the first line of defense against hacking, phishing, ransomware, and other forms of viruses. Sometimes, all it takes is one employee’s innocent click of a key for the virus to enter the system and infect the servers and the files. However, had that employee been informed or trained ahead of time to spot a virus and neutralize it, then he or she could spot the attack in its tracks and ultimately spare the company a ton of grief. In the process, he would also have spared himself and his colleagues the risk of exposure to another dreaded malaise called unemployment, which can happen should ransomware shut the company down.
KnowBe4’s security and training platform is being used by 9,000 corporations worldwide. This Florida-based company founded by Sjouwerman is also number 139 in Inc.com’s 2016 list of 5000 fastest-growing companies in 2016. It also made the #50 slot on Deloitte’s Technology Fast 500 that same year.
In a TV interview, Sjouwerman, who himself is a security analyst, emphasizes, “IT security starts with people. You have to start with employees: train them and then send them mock phishing attacks.”
KnowBe4’s security awareness training program features four major components:
What makes KnowBe4’s programs unique and effective is that behind their design is Chief Hacking Officer Kevin Mitnick. Mitnick used to be the world’s most famous and wanted hacker. However, since 2000, he has used his 30-year experience in the hacking business to help corporations deal with the threat by training their employees. As a security consultant, he has performed penetration tests for Fortune 500 companies, and taught social engineering classes to private corporations and government agencies.
As TechRepublic puts it, Mitnick started KnowBe4 with Sjouwerman, understanding full well that it takes an excellent hacker to catch others. And with these two manning their cyber-defenses and teaching security to their employees, companies can fortify themselves more powerfully against ransomware and other insidious viruses.