News Release

< Back

KnowBe4 Releases 2021 State of Privacy and Security Awareness Report

Sep 16, 2021
Study highlights high-risk behaviors, worsened with remote work

TAMPA BAY, Fla., Sept. 16, 2021 /PRNewswire/ -- KnowBe4 (NASDAQ: KNBE), the provider of the world's largest security awareness training and simulated phishing platform, released its 2021 State of Privacy and Security Awareness Report.

The commissioned report is based on findings of a study conducted of a random sampling of 1,000 U.S. employees in both SMB and large enterprises. The study sought to find out how much cybersecurity training employees received and the impact it had on security and privacy best practices. Respondents were asked a variety of questions on general cybersecurity and data privacy knowledge and about the impact the COVID-19 pandemic had on training. Survey results were also broken down and analyzed by select industry verticals.

Highlights from the 2021 State of Privacy and Security Awareness Report include:

  • Only 48% of employees believe it is likely or very likely that their mobile device could become infected with malware if they click on a suspicious link or attachment in an email
  • Employees who are trained once a month are 34% more likely to believe that clicking on a suspicious link or attachment in an email is risky compared to employees who receive training no more than twice a year
  • Only 31% of employees feel that they understand business email compromise very well and can explain what it is to others, despite the fact that this attack vector is a huge and growing problem that costs businesses many millions of dollars each year
  • A little more than half (55%) of employees had continuous cybersecurity and data privacy training continue throughout the lockdowns caused by the COVID-19 pandemic
  • An average of 44% of respondents were not sure whether their employer was subject to six different privacy regulations, including the GDPR and HIPAA
  • The finance industry is the most likely to receive security awareness training, with 91% of finance employees reporting having received some form of training

"In analyzing these findings, what stands out is that U.S. employees' knowledge of cybersecurity and data privacy best practices has significant room for improvement," said Stu Sjouwerman, CEO, KnowBe4. "These alarming results highlight the critical need to implement new-school security awareness training for every U.S. employee throughout every organization in this nation. Going a step further to build a security-minded culture becomes essential as cyber criminals pose greater threats to business operations."

To download the report, visit

About KnowBe4
KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by more than 41,000 organizations around the globe. Founded by IT and data security specialist, Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud, and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.

Media Contact
Amanda Tarantino
Public Relations Officer


Cision View original content to download multimedia: