KnowBe4 for Alliance for Strong Families and Communities

With the goal of folding security awareness into the Alliance’s organizational culture and a high Phish-Prone Percentage, Mueller and Lukaszewski (the Alliance’s director of IT and systems administrator and supervisor) to work training the staff and enriching their security posture with a highly-trained human firewall. Now that the Alliance has had its one-year anniversary with KnowBe4, the organization has increased the complexity of its simulated phishing tests and incorporated immediate trainings for users who mistakenly fall for a spoof. “KnowBe4 has allowed us to mature our program and build up that human firewall we wanted with security skills that really work. The Phish Alert Button tunes us in to actual threats in the wild and helps us create custom phishing templates that are very realistic. Our goal this year is to make our tests harder because we know that hackers don’t just send attachments or bad links. They start conversations and social engineer people; we are working with KnowBe4 to train our users to not respond to emails, to avoid smishing and vishing threats and more,” says Lukaszewski. Increasing awareness about security practices and protocols were the main goals of the Alliances’ SAT program with KnowBe4. Lukaszewski and Mueller, however, had a broader vision that KnowBe4 has proven very helpful in achieving. “We understand that part of the role of our IT department is to help keep our organization secure. For us to really embrace a culture of security, we have to drive communication between our users and our IT department. KnowBe4 has proven to be very effective in helping us drive rapport and trust between these two groups and foster a stronger security culture internally,” said Mueller. To achieve this goal, Mueller and Lukaszewski asked their users to phone IT directly if they failed a simulated phishing test. Mueller stated, “KnowBe4’s platform already alerts IT if a test is failed, but we want to promote good behaviors and get our users to understand that if something goes wrong in the real world, they must call IT right away. IT is not going to yell at them if they make a mistake; IT is going to help them solve the problem and protect the organization.” This approach also creates an environment that encourages users to not cover it up if they do mistakenly click a bad link or respond to a phishing email. With their users regularly being sent phishing tests and receiving both automatic remedial and scheduled trainings, Mueller and Lukaszewski can appreciate the usability of the KnowBe4 platform. According to Mueller, “KnowBe4 makes it simple to do really important and complex trainings that build up an organization’s security posture. The usability of the platform is very strong; we are able to create custom templates very easily and challenge our users even more. And we love the fact that KnowBe4 consistently adds new content so we can keep our trainings and our simulated tests fresh. KnowBe4 has been a wonderful partner and one that we expect to continue working with for a long time.”