Stu Sjouwerman

Stu Sjouwerman is founder and CEO of KnowBe4, developer of security awareness training and simulated phishing platforms. He was co-founder of Sunbelt Software, the anti-malware software company acquired in 2010. He is the author of four books, including “Cyberheist: The Biggest Financial Threat Facing American Businesses.” He can be reached at ssjouwerman@knowbe4.com.

Add 'prompt' to the long list of injection attacks

Stu Sjouwerman

May 5, 2023

Generative AI tools can be manipulated to accomplish malicious tasks, reveal sensitive information or ignore safety filters with the right prompt.

Initial access brokers: The new face of organized cybercrime

Stu Sjouwerman

September 28, 2022

While there is no one-size-fits-all to security, here are some recommendations that organizations can use to reduce the threat of initial access brokers (IABs).

Four ways cybercriminals can hack passwords

Stu Sjouwerman

June 2, 2022

Learn about four techniques hackers usually employ to hack usernames and passwords, as well as tips to bolster password defense.

Data privacy in 2022: Four recommendations for businesses and consumers

Stu Sjouwerman

March 22, 2022

There isn’t a silver bullet to consumer data privacy; different organizations are at different stages of privacy maturity. However, there are four steps organizations can take to advance their data privacy program maturity.

5 tips for building a positive anti-phishing behavior management program

Stu Sjouwerman

February 17, 2022

Five tips to help organizations create a positive anti-phishing behavior management program and six common mistakes to avoid.

If you want to safeguard your organization, focus on people

Stu Sjouwerman

April 19, 2021

A security team can sink an infinite amount of time and resources into strengthening your infrastructure, but it’s all for nothing if a default password is used by an exec, or someone in HR makes the mistake of responding to a clever phishing message. Cybercriminals will always find the path of least resistance and for most organizations the easiest way in is through the people.

Smishing and vishing: Explained and explored

Stu Sjouwerman

February 18, 2021

Ransomware attacks, phishing scams, fake news and several other cyberattacks made headlines in 2020. As millions of Americans shifted to remote work for business continuity, cybercriminals sprung into action, evolving their social engineering tactics. Smishing and vishing are new variants that are fast gaining traction, targeting mobile phones.

5 reasons why scams survive, thrive, and succeed

Stu Sjouwerman

December 29, 2020

Computer fraud, or cyber-scamming, is a multi-billion-dollar industry that affects people and organizations around the world. Since the pandemic started, cybersecurity experts have tracked a 400% rise in online scams. The world is evolving at a rapid pace and with everything getting connected and automated scammers are bound to adapt, thrive and succeed. Let’s understand the top five reasons:

So, what is the safest password policy? It’s complicated

Stu Sjouwerman

August 24, 2020

Let’s face it, passwords are a pain. As we’ve been pushed towards using longer and ever more complex passwords, and told to update them with increasing frequency, password management has become something of a headache. We’ve gone from simple, easy to remember passwords to 12- or 16-character passwords that must contain a mixture of upper and lowercase letters, numbers and symbols.

Ransomware: Avoid Becoming the Next Victim

Stu Sjouwerman

March 18, 2020

Ransomware has quickly emerged as a massive cybersecurity threat and is evolving continuously. Certainly, recent ransomware incidents should serve as a wake-up call for all businesses to remain vigilant against ransomware. To minimize the chances of being victimized by ransomware means going back in time to understand how ransomware developed and how it evolved.