Security culture is defined as the ideas, customs and social behaviors of a group that influence its security. KnowBe4’s Security Culture Maturity Model is an evidence-driven framework for understanding and benchmarking the current security-related maturity of an organization, industry vertical, region or any measurable group. It establishes five different maturity levels based on a variety of factors:
- Level 1: Basic Compliance
- Level 2: Security Awareness Foundation
- Level 3: Programmatic Security Awareness & Behavior
- Level 4: Security Behavior Management
- Level 5: Sustainable Security Culture
“Security culture is a concept that is often discussed but rarely understood,” said Kai Roer, chief research officer, KnowBe4. “This new and groundbreaking maturity model will provide organizations with the ability to gain more insight into where they stand regarding security-related maturity. The KnowBe4 Security Culture Maturity Model will equip security leaders with a definitive guide based on decades of research in this area to help them advance their security culture by leveling up their efforts.”
“I am particularly excited about this model because it has the potential to offer the world a data-driven, real-world look into the evolution of security culture maturity,” said Perry Carpenter, chief evangelist and strategy officer, KnowBe4. “We have defined scores of ‘Culture Maturity Indicators’ (CMIs) that, when evaluated in aggregate, allow this model to operate with unparalleled precision. Another critical factor we had in mind when developing this model is that we want it to serve the world; not just KnowBe4 customers. Of course, KnowBe4 customers will benefit from having added precision because their data can automatically feed the model, but we are also developing sets of measurement tools, worksheets and more that anyone will be able to benefit from.”
To download the KnowBe4 Security Culture Maturity Model, visit https://www.knowbe4.com/security-culture-maturity-model.
About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 47,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.