Email security is a hot topic, with 8.3 billion emails sent daily in the UK and new DMARC policies being enforced. Social engineering and phishing attacks can easily be the chink in your cybersecurity armour, with humans the first layer of defence.
Our most recent partner event, ‘Maximise your partnership with Brigantia and KnowBe4’, discussed the role of AI in cybersecurity alongside insights and product updates centred around KnowBe4's market-leading security awareness training platform.
The event featured presentations by:
Angus Shaw – Director, Brigantia
Rob Hall – Product Marketing Director, Brigantia
Ben Symons – Director of Sales, KnowBe4
Ben Dutton – Partner Account Manager, KnowBe4
If you couldn’t make it to our live London event, we’ve put together some key takeaways.
Angus welcomed partners and introduced KnowBe4. Angus explained that KnowBe4 provides market-leading security awareness training with the broadest range of customisable phishing simulation templates to fortify the human firewall.
For KnowBe4, it’s not about what employees do but what they know. Reaching the UK in 2016, and now with over 65,000 customers across various industries, KnowBe4 is the world's most extensive integrated security awareness training and simulated phishing platform.
With the intros made, Angus handed over to Rob Hall, our Product Marketing Director.
Rob gave a great talk on the growth of AI and its impact on the cybersecurity landscape. These are the key takeaways.
The human vulnerability
Humans are susceptible to attacks and are often the weakest link. Therefore, awareness and training are essential to building effective defences.
AI, cybersecurity and deepfake threats
Attackers increasingly deploy AI for malicious activity, such as deep fakes, real-time voice cloning, image manipulation, and real-time videos for blackmail and spoofing.
However, we have AI on our side, too. It's highly effective in detecting and countering threats, thanks partly to its ability to process and spot patterns in huge quantities of data. Rob likened this to a “cheat code," enabling higher-quality, more efficient monitoring.
Emotet malware – the hacker’s number 1 AI tool
Nonetheless, the risks remain. Emotet is a potent malware strain and criminal operation. Its creators have successfully created botnets of infected computers, selling access using a malware-as-a-service model.
They have used machine learning to make their operation more efficient. The malware lies dormant in the target’s network, assessing security controls and adapting to surroundings. Once ready, an attack is triggered. It’s hard to detect, and efficient social engineering is used to evade detection.
Defence strategies
Given the advancing threat landscape, email, device, network security, strong passwords, multi-factor authentication, and regular patch management are required alongside continuous staff training to recognise and respond to threats promptly and appropriately.
Future threat landscape
As the world of AI continues to evolve and develop, we can expect more advanced and targeted AI-driven attacks. Now more than ever, continuous testing, training, and building a strong security culture is essential to mitigate risks.
Humans are the weakest security link in the stack and need ongoing, up-to-date training. Organisations must generate a preventative, safe, strong security culture that rewards proactive employee reporting.
Ben Sutton and Ben Symons from KnowBe4 then focused on the roadmap for KnowBe4, which promises many exciting developments.
Product suite for security and compliance
PhishER
A system orchestration and remediation tool for managing phishing attacks, integrating PhishML for machine learning-based threat detection and PhishRIP for removing malicious emails. The system uses machine learning to identify and respond to threats faster.
PhishER Plus
PhishER Plus enhances threat intelligence by collating threat data from user reports to prevent future attacks. It works with any user who has reported a threat to ensure lessons are learned across the organisation.
SecurityCoach
KnowBe4’s newest product monitors risky behaviours and sends users instant alerts via email or Slack with security tips. This allows risky behaviour to be nipped in the bud rather than waiting for formal training.
AI may be a threat, but we can use it to our advantage by leveraging it against threats to create a human firewall. Only 3% of security spending is focused on the human layer, so MSPs have ample opportunity.
The previous talk highlighted how effective KnowBe4 is for end users. It's also a highly MSP-friendly platform. Brigantia must consider both these factors when choosing a vendor, and Ben Dutton's talk focused on what it offers MSPs.
KnowBe4 offers a managed service to assist MSPs in delivering practical security training to end users, freeing up resources.
Offering a market-leading managed service gives MSPs a competitive edge. By highlighting ongoing risks, you become a trusted advisor to your customers. With low resource requirements, the KnowBe4 product suite offers a high-margin additional revenue stream that promotes customer retention and opens doors for new prospects.
KnowBe4 will continue to develop human risk management, combining a preventative, holistic approach to cybersecurity with the ongoing development of detailed risk analysis and the leveraging of AI.
We want to thank Ben Symons and Ben Dutton for their insights and all the other attendees for joining us at another great event. Check out the highlights of the day and our upcoming events below.
Join us at InfoSec 2024 from 4th to 6th June, alongside vendors Heimdal and Sendmarc, to learn more.
The Brigantia Major Partner Day is 2nd-3rd October. Find out more and register.