Latest news with #PerryCarpenter
Techday NZ
30-06-2025
- Business
- Techday NZ
KnowBe4 launches free self-assessment to boost security culture
KnowBe4 has released a free self-assessment tool, the Program Maturity Assessment (PMA), aimed at helping IT and cybersecurity leaders evaluate and enhance their organisation's security culture with a particular focus on human risk management. Practical assessment for human risk The Program Maturity Assessment (PMA), developed by security culture specialist Perry Carpenter, seeks to bridge the gap between human behaviour and cybersecurity practice. Unlike many technical assessments or frameworks requiring external consultants, the PMA offers a structured and jargon-free self-assessment. It translates cybersecurity concepts into concrete, actionable recommendations suitable for organisations of varying sizes and across industries. The assessment examines ten critical dimensions of security culture, considering elements such as leadership involvement, employee behaviour, and the integration of business processes. Users receive quantifiable and visual feedback across 40 Culture Maturity Indicators (CMIs), enabling an objective understanding of both strengths and vulnerabilities in their current practices. Customised recommendations After completing the PMA, participants are provided with a personalised maturity classification mapped onto a five-level scale. This is visualised across each assessed dimension, giving a comprehensive picture of where improvements are needed. Alongside this, PMA delivers prioritised and actionable steps intended to strengthen what is often described as the 'human firewall' within organisations. Additionally, the tool's output identifies specific gaps, from employee mindset to executive communication. Organisations also receive a strategic roadmap with tailored recommendations, allowing for focused resource allocation and plans for ongoing cultural development. Developed with clarity in mind "Every meaningful program requires clarity: clarity of purpose and clarity of impact. This is especially true with Human Risk Management programs where lack of clarity and impact will leave an organization exposed in ways they may not appreciate." said Perry Carpenter, chief human risk management strategist at KnowBe4. "Organisations need a way to demonstrate effectiveness of their human risk management program and show leadership its value. This is especially true when programs fail to account for the human element—employees whose everyday decisions significantly impact organizational security. The PMA offers a clear, data-driven approach that helps leaders identify key areas for improvement, allocate resources more effectively, and build a stronger, more resilient security culture. It's about giving organizations the insight they need to make informed decisions and foster lasting cultural change." The PMA represents a response to increased targeting and exploitation of human actions by cyber attackers. According to KnowBe4's own "Security Culture: How-To Guide", security culture is a significant predictor of secure behaviour, yet many organisations lack the means to assess and improve it in a systematic way. Optional consultation for next steps Beyond the immediate recommendations provided by the PMA, organisations can opt for a follow-up consultation to explore KnowBe4's broader Human Risk Management (HRM+) platform. This includes further modules for awareness and compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing resources, and AI-driven defence tools, intended to provide ongoing support for building a more resilient security culture. KnowBe4 reports being used by more than 70,000 organisations globally and positions its offerings as a way to create measurable improvements in the security mindsets and behaviours of workforces. The new PMA tool is available free of charge to support organisations in understanding and developing data-driven strategies for security culture improvement starting with their people.
Business Upturn
30-06-2025
- Business
- Business Upturn
KnowBe4 Announces New Assessment Tool to Enable Data-Driven Security Culture Improvements
By GlobeNewswire Published on June 30, 2025, 19:59 IST TAMPA BAY, FL, June 30, 2025 (GLOBE NEWSWIRE) — KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, released today the KnowBe4 Program Maturity Assessment (PMA), a free, strategic tool designed to help IT and cybersecurity leaders measure and improve their organization's security culture—starting with the people. As human actions are targeted and exploited by attackers with increased sophistication, organizations need clarity on what is working and how to measure improvement. According to KnowBe4's Security Culture: How-To Guide , security culture is one of the strongest predictors of secure behavior, yet few organizations have the tools to assess and manage it effectively. Created by security culture expert Perry Carpenter, the PMA offers a structured, practical self-assessment framework focused on Human Risk Management (HRM). Unlike technical assessments or consultant-heavy frameworks, the PMA delivers actionable insights across ten critical dimensions of security culture—without the jargon. It translates abstract cybersecurity concepts into concrete actions that organizations can take immediately, regardless of size or industry. Key Features of the PMA: Holistic Evaluation : Examines leadership, employee behavior and business process integration Examines leadership, employee behavior and business process integration Objective Scoring : Provides clear, quantifiable results across 40 Culture Maturity Indicators (CMIs) Provides clear, quantifiable results across 40 Culture Maturity Indicators (CMIs) Identify Gaps : Pinpoints exact areas of weakness, from employee mindset to executive communication Pinpoints exact areas of weakness, from employee mindset to executive communication Strategic Roadmap : Offers customized recommendations based on maturity level Offers customized recommendations based on maturity level Actionable Next Steps: Delivers next steps to strengthen the human firewall After completing the assessment, users receive a personalized maturity classification on a five-level scale, visual feedback across all dimensions, and prioritized recommendations. Those looking to deepen their efforts can opt into a follow-up consultation to explore how the KnowBe4 HRM+ platform can accelerate maturity and build a lasting security culture. 'Every meaningful program requires clarity: clarity of purpose and clarity of impact. This is especially true with Human Risk Management programs where lack of clarity and impact will leave an organization exposed in ways they may not appreciate.' said Perry Carpenter, chief human risk management strategist at KnowBe4. 'Organizations need a way to demonstrate effectiveness of their human risk management program and show leadership its value. This is especially true when programs fail to account for the human element—employees whose everyday decisions significantly impact organizational security. The PMA offers a clear, data-driven approach that helps leaders identify key areas for improvement, allocate resources more effectively, and build a stronger, more resilient security culture. It's about giving organizations the insight they need to make informed decisions and foster lasting cultural change.' To learn more or complete the assessment, visit About KnowBe4 KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organisations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven 'best-of-suite' platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilises personalised and relevant cybersecurity protection content, tools and techniques to mobilise workforces to transform from the largest attack surface to an organisation's biggest asset. Disclaimer: The above press release comes to you under an arrangement with GlobeNewswire. Business Upturn takes no editorial responsibility for the same. Ahmedabad Plane Crash GlobeNewswire provides press release distribution services globally, with substantial operations in North America and Europe.
Associated Press
30-06-2025
- Business
- Associated Press
KnowBe4 Announces New Assessment Tool to Enable Data-Driven Security Culture Improvements
TAMPA BAY, FL, June 30, 2025 (GLOBE NEWSWIRE) -- KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, released today the KnowBe4 Program Maturity Assessment (PMA), a free, strategic tool designed to help IT and cybersecurity leaders measure and improve their organization's security culture—starting with the people. As human actions are targeted and exploited by attackers with increased sophistication, organizations need clarity on what is working and how to measure improvement. According to KnowBe4's Security Culture: How-To Guide, security culture is one of the strongest predictors of secure behavior, yet few organizations have the tools to assess and manage it effectively. Created by security culture expert Perry Carpenter, the PMA offers a structured, practical self-assessment framework focused on Human Risk Management (HRM). Unlike technical assessments or consultant-heavy frameworks, the PMA delivers actionable insights across ten critical dimensions of security culture—without the jargon. It translates abstract cybersecurity concepts into concrete actions that organizations can take immediately, regardless of size or industry. Key Features of the PMA: After completing the assessment, users receive a personalized maturity classification on a five-level scale, visual feedback across all dimensions, and prioritized recommendations. Those looking to deepen their efforts can opt into a follow-up consultation to explore how the KnowBe4 HRM+ platform can accelerate maturity and build a lasting security culture. 'Every meaningful program requires clarity: clarity of purpose and clarity of impact. This is especially true with Human Risk Management programs where lack of clarity and impact will leave an organization exposed in ways they may not appreciate.' said Perry Carpenter, chief human risk management strategist at KnowBe4. 'Organizations need a way to demonstrate effectiveness of their human risk management program and show leadership its value. This is especially true when programs fail to account for the human element—employees whose everyday decisions significantly impact organizational security. The PMA offers a clear, data-driven approach that helps leaders identify key areas for improvement, allocate resources more effectively, and build a stronger, more resilient security culture. It's about giving organizations the insight they need to make informed decisions and foster lasting cultural change.' To learn more or complete the assessment, visit About KnowBe4 KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organisations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven 'best-of-suite' platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilises personalised and relevant cybersecurity protection content, tools and techniques to mobilise workforces to transform from the largest attack surface to an organisation's biggest asset. Kathy Wattman KnowBe4, Inc. 7274749950 [email protected]
Forbes
22-05-2025
- Business
- Forbes
Five AI-Powered Threats Senior Leaders Should Be Aware Of
Perry Carpenter is Chief Human Risk Management Strategist for KnowBe4, a cybersecurity platform that addresses human risk management. We're all too familiar with warnings about phishing scams, and they're still a security issue we need to be aware of. But there are a wide range of other concerns, beyond phishing, that should have your attention—and that you should be sharing with colleagues so they can collaborate with you to protect your company and assets. We're moving into what I call the 'Exploitation Zone'—a widening gap between technological advancement and human adaptability. It is, admittedly, tough to keep up unless, like me, you're singularly focused on data security and staying on top of increasingly sophisticated ploys by bad actors to exploit your human nature. Here are five AI-powered threats you need to understand and take steps to respond to. It's not just emails we have to be worried about these days. Today's hackers can spoof more than email addresses. One of the quickly emerging scams is voice phishing, or vishing. Just last year, we saw a 442% increase in vishing attacks between the first and second half of 2024, according to CrowdStrike. Using publicly available voice snippets they can access via earnings calls, podcasts, video calls or media interviews, cybercriminals are able to create hard-to-detect voice clones. This can take the form of a frantic call from a 'grandchild' to a grandparent asking for money to help get them out of a jam. It can also take the form of a demanding call from a 'CEO' to release funds through a bank transfer. Suggestion: Put steps in place to verify any requests for financial transactions, especially those received via calls or voice messages; consider using authentication questions that only legitimate business representatives would know. Since the pandemic, it's not unusual for many types of meetings to take place in a virtual environment. That includes board meetings. When your board members are participating virtually, there's a chance for manipulation by bad actors. That's not just the stuff of science fiction. Deepfakes have already been used to influence critical business decisions or access sensitive information. A U.S. judicial panel has even considered how deepfakes could disrupt legal trials. Chances are that images and video clips of your board members and senior leaders exist. All cybercriminals need to do is get access to a few seconds of a voice recording, video, or sometimes even a single image and use generative AI tools to create audio and video that most people won't be able to discern from the real. Think I'm exaggerating? You can see me demoing the tools and tactics here. Suggestion: Make sure you're using authentication to protect the security of any video calls. Implement multifactor authentication and establish verification procedures that involve different communication channels. And also, similar to the suggestion for No. 1, consider creating safe words or a verbal challenge/response procedure. In 2023, a fake, likely AI-generated photo of an alleged explosion near the Pentagon briefly caused the S&P 500 to drop. Suggestion: Develop crisis response plans to address the potential for synthetic media attacks, including rapid verification channels that can be used with targeted news outlets and financial partners. Imagine a disgruntled employee using AI voice cloning to generate a fake audio recording of their CEO making discriminatory remarks. Or, picture an AI-generated video showing a senior-level official involved in questionable activities. It's all too possible with the rise of AI-generated content that is now literally at the fingertips of anyone with an axe to grind. Even when these attempts are proven to be false, the damage remains. It used to be true that 'seeing is believing.' That's still true, but what we're seeing may not be actually believable. Suggestion: Be aggressive in monitoring digital channels for synthetic content related to your organization and your key executives, board members and other representatives. Have rapid response plans in place to address any incidents that occur, and be prepared to provide evidence of manipulation. Large language models (LLMs) are the foundational technology behind many generative AI tools. While LLMs themselves don't access real-time information, threat actors can leverage these tools—often in combination with publicly available data about your organization—to craft hyper-personalized phishing campaigns and social engineering attacks. These messages can closely mimic the tone and style of internal communications, making it increasingly difficult for recipients to distinguish between legitimate and malicious content. In a now widely reported incident, what was likely a combination of voice cloning and video deepfakes were used to convince an employee at a multinational firm in Hong Kong to pay out $25 million. After participating in what turned out to be a fake, multi-person video conference call, and despite some initial misgivings, the employee did as requested. Suggestion: Train staff members to recognize the warning signs of AI-enabled impersonation, such as limited interaction or refusal to answer unexpected questions. And encourage them to trust their gut. If something feels off, it probably is, and they should pursue additional verification options. Repeated exposure to information and examples of the many ways bad actors are attempting to infiltrate and influence organizations and employees can help keep the threats top-of-mind and help minimize the chances of falling prey to these attacks. Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?
CNN
18-05-2025
- CNN
CNN correspondent walks through aftermath of deadly tornado
Deepfake detectors fooled by expert With AI technology creating more and more realistic deepfakes, detectors are not up to the challenge of realizing what is real and what is fake, according to an industry expert. CNN's Isabel Rosales looks at how this technology can be bypassed and what you can do to protect yourself. An earlier version of this video gave the incorrect title for Perry Carpenter. He is the Chief Human Risk Management Strategist at KnowBe4.
