Human & Machine : Cyren Inbox Security and KnowBe4

Cyren has integrated our anti-phishing solution, Cyren Inbox Security, with KnowBe4’s security awareness training platform. This idea began with a very basic customer feature request but has evolved into a new paradigm for defending enterprises against phishing and BEC.

Here is a quick rundown of how harmonizing user education, advanced threat detection, and automated remediation increases security maturity, and eliminates the time-suck of investigating suspicious messages and cleaning up attacks.

Security maturity

Security maturity is all about continually improving the people, processes, and technology required to reduce enterprise cyber risk to acceptable levels. Many organizations over-rely on training as the only approach to address threats like business email compromise. With this partnership, Cyren and KnowBe4 are providing a fully optimized approach to addressing BEC – an approach that continuously improves even as users join or leave the organization.

One button

This is the origin story of the alliance. KnowBe4 has the Phish Alert button to report simulated phishing attacks. Cyren has the PhishScan button to scan and triage real suspicious messages. By integrating the KnowBe4 Phish Alert functionality into the Cyren PhishScan button, organizations can deploy a single button and give users the simple instruction to click the button whenever they receive something suspicious – simulated or real. Businesses still get the benefit of automated security awareness training with the added benefit of improved operational security against phishing, malware, business email compromise.

“I want more alerts.” – Said no analyst ever

The genius of the Cyren PhishScan button is it crowd-sources the triage of suspicious messages so helpdesk or security analysts don’t have to constantly respond to users asking, “is this safe to click?” Until we have true artificial intelligence that can exactly mimic human intuition, we need to combine advanced detection techniques like machine learning with human analysis (read: your SAT power users) to quickly classify suspicious messages as malicious or benign. This approach also helps train machine learning models, so humans play less of a roll with each day. Allowing users to scan messages before submitting them keeps false positives well below 2%.

Culture of security

Cyren Inbox Security empowers users to become more cyber-aware and cyber-engaged. Enabling users to apply lessons learned from simulated tests to real-world attacks and get feedback from the system, keeping them informed and interested. Harmonizing security awareness training with advanced detection and automated incident response creates a culture of security, which improves security maturity which is measured by a reduction of false positives submitted by users and improved incident response times by SOCs.

Security Awareness Training is a best practice and mandated by most compliance frameworks. Cybersecurity executives all understand the important role employees play in protecting the enterprise, but they know automated technical controls are more reliable. The alliance between KnowBe4 and Cyren combines the best of both worlds and provides a demonstrable solution to the complex and unsolved problems of business email compromise, targeted phishing, and the fraud, ransomware and other nastiness facilitated by these attacks.

What to learn more? Download this whitepaper for best practices to harmonize automated phishing defenses and user training.

Ready to get started? Request a demo of Cyren Inbox Security.