OK, let’s sum up where we are, here at the end of December 2020. COVID has propelled IT from 2020 to 2030 in a matter of months. However, only a few of us were ready to have the large majority of our users to Work From Home. Your old firewall is useless. The hardware endpoint with its software security stack now sits in your user’s bedroom.

Bad guys consider your user their most rewarding attack surface. It takes 3 months to hack hardware, 3 weeks to hack software, and 3 minutes (if that) to hack a human. You hope your secure gateways do the job but you know that bad stuff gets through your filters and that MFA can be hacked.

WFH is driving orgs to move mission-critical apps to the cloud in a major hurry. That means cloud security suddenly has become paramount and industry pundits predict massive growth from 2021 forward. Cloud-native security companies like CrowdStrike reported 86% year-over-year growth in their recent quarter.

Russia is flexing its hacking- and geopolitical muscle. The SolarWinds supply chain attack spread chills through IT and government circles. This is very likely the U.S.’ worst hack ever, and the damage is still being assessed. It’s not sure yet how they initially got into SolarWinds (spear-phishing?) but we know Russia’s FSB (their equivalent of the CIA) hacked the SolarWinds Dev-team’s MFA access once they owned the SolarWinds network.

So, how about those end-of-year InfoSec Budget quick wins?

During 2020, many IT pros have found that their current IT stack has become too expensive to support and that existing technology debt makes the pivot to the cloud difficult. It is urgent to do a gap analysis and look at the following four areas from a Zero-trust perspective:

• VPN and data encryption
• Data and user access
• Cloud infrastructure security
• End-user security education

It’s time to throw overboard the “trust, but verify” and move to the “never trust, always verify” policy. Each of these strategic areas can give you quick wins if you do them correct in your accelerated digital transformation.

Your cloud security starts with your users. The fastest way to dramatically reduce your end-user attack surface is to step them through new-school security awareness training at the house, and that includes frequent social engineering tests as the always-verify process. Existing office-focused awareness education does not always translate to the house.

How does 127% ROI with a one-month payback sound?

Forrester did a Total Economic Impact™ (TEI) study, examining the potential Return on Investment (ROI) orgs might realize by implementing KnowBe4. The resulting research paper assessed the performance of the KnowBe4 platform. How does 127% ROI with a one-month payback sound?

And..Did You Know?

The KnowBe4 platform has its own built-in Learning Management System that you can use to upload your org’s own training modules, so you can use KnowBe4 to train all of your users on anything while they WFH.

The fastest return on your budget dollar, the quickest results, happy camper users and frankly the most fun is to fast-track a PO before the year ends, and get quickly onboarded in January by one of our award-winning CSMs. Get a quote now, ask for your end-of-quarter discount, and find out how surprisingly affordable this is for your organization. 35,000+ of your peers can’t be wrong.

** Optrics Inc. is an Authorized KnowBe4 partner

Find out how affordable new-school security awareness training is for your organization. Get a quote now.

The original article can be found here:

https://blog.knowbe4.com/heads-up-heres-some-powerful-ammo-to-grab-more-of-your-end-of-year-infosec-budget