Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

Books

Cyberheist E-Book

Find all of Stu's books on Amazon

Large Phishing Campaign Abuses Open Redirects

Sep 1, 2021 9:56:19 AM By Stu Sjouwerman

Researchers at Microsoft have observed a widespread phishing campaign that’s abusing open redirectors to fool users into visiting credential-harvesting pages. Open redirects are often ...

CyberheistNews Vol 11 #34 [Heads Up] A Tricky New COVID-19 Phishing Caper

Aug 31, 2021 9:16:30 AM By Stu Sjouwerman

U.K. Organizations See Double the Number of Ransomware Attacks in the First Half of 2021

Aug 26, 2021 1:02:15 PM By Stu Sjouwerman

New analysis of ransomware incidents reported to the UK's Information Commissioner's Office (ICO) in the first half of 2021 show a massive rise when compared to 2020.

Cryptominers are Tricked out of Cryptocurrency Using Phishing Scams Involving the Purchase of Mining Equipment

Aug 26, 2021 1:02:05 PM By Stu Sjouwerman

The leveraging of Google Docs, a spoofed website, a realistic-feeling buying process, and asking for payment in cryptocurrency is all it takes to separate victims from thousands of ...

Cybercriminals Can Post Jobs on LinkedIn Posing as Any Employer They Want

Aug 26, 2021 1:01:51 PM By Stu Sjouwerman

Lax verification around what company is offering a given job on LinkedIn allows attackers to create bogus job postings for malicious purposes.

A COVID-19 Phishing Caper

Aug 26, 2021 8:47:02 AM By Stu Sjouwerman

A new phishing campaign is exploiting the ongoing uncertainty about company policies related to COVID-19, according to Roger Kay at INKY. The campaign uses emails that purport to come ...

A Look at a Ransomware Affiliate

Aug 25, 2021 8:43:02 AM By Stu Sjouwerman

The US Federal Bureau of Investigation (FBI) has issued an advisory describing a ransomware affiliate that calls itself “OnePercent Group,” the Record reports. The Record notes that the ...

Nigerian Threat Actors Solicit Victim Organization Employees to Deploy Demon Ransomware

Aug 24, 2021 1:09:38 PM By Stu Sjouwerman

The use of employees as insider accomplices potentially changes how social engineering is being used in exchange for a direct request for internal assistance.

Arrests in International Fraud Scheme Due to Social Engineering

Aug 24, 2021 11:35:39 AM By Stu Sjouwerman

Police in Romania, the Netherlands, and Ireland have arrested and charged twenty-three people accused of conducting sophisticated social engineering attacks. The organized crime group ...

Hospitals Continue to be Ransomware Targets as Half Experience Shutdowns in the Last 6 Months

Aug 24, 2021 11:35:29 AM By Stu Sjouwerman

With financial impacts as high as $46K per hour, shutting down some or all of operations due to a ransomware attack is not a decision taken lightly by hospitals, but may be the only ...

Microsoft Warns of New Phishing-Turned-Vishing-Turned-Phishing Attack Aimed at Installing Ransomware

Aug 24, 2021 11:35:19 AM By Stu Sjouwerman

In what appears to be a phishing attack that includes a mix of emails and phone calls, Microsoft reminds us to be wary of only opening emails and attachments from known contacts.

CyberheistNews Vol 11 #33 [EYE OPENER] The Anatomy Of New Smishing Attacks And How To Avoid Them

Aug 24, 2021 9:28:02 AM By Stu Sjouwerman

“Compromise” is the “C” in “MICE”

Aug 23, 2021 8:47:35 AM By Stu Sjouwerman

The FBI is warning Silicon Valley companies to be wary of insider threats, Protocol reports. FBI special agent Nick Shenkin told Protocol in an interview that authoritarian ...

CISA shares guidance on how to prevent ransomware data breaches

Aug 20, 2021 9:20:29 AM By Stu Sjouwerman

Bleepingcomputer reported: "The US Cybersecurity and Infrastructure Security Agency (CISA) has released guidance to help government and private sector organizations prevent data breaches ...

Phishing Attacks Have Increased by 22% This Year

Aug 19, 2021 8:34:15 AM By Stu Sjouwerman

The volume of phishing attacks has increased 22% this year compared to the first half of 2020, according to researchers at PhishLabs.

Defending Against Ransomware Attacks Should Start (and Can End) With Security Awareness Training

Aug 18, 2021 2:00:43 PM By Stu Sjouwerman

The world’s most dangerous, expensive, and impactful cyberattack can potentially be stopped with little more than a conscientious user who is paying attention.

Can the Microsoft 365 Platform Be Trusted to Stop Security Breaches?

Aug 18, 2021 2:00:29 PM By Stu Sjouwerman

Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organizations at risk.

Deepfakes Continue to be a Concern as the Technology Improves and Becomes More Convincing

Aug 18, 2021 2:00:15 PM By Stu Sjouwerman

In the wake of the FBI’s warning about more deepfake-based cyber attacks coming in the next year, organizations should remain vigilant against this compelling form of social engineering.

Trend Micro: Most Organizations in the World Will Likely Be Compromised in the Next 12 Months

Aug 18, 2021 10:19:22 AM By Stu Sjouwerman

A new report from security vendor Trend Micro quantifies the current level of risk most organizations are facing, highlighting how ill-prepared we really are, how many have already been ...

Cyber Attacks Grow 125% as Ransomware Tops the List Plaguing Enterprise Organizations

Aug 18, 2021 10:17:02 AM By Stu Sjouwerman

With no slowdown of cyberattacks in sight, global incident volumes continue to trend upward, according to new data from Accenture’s Cyber Investigations, Forensics and Response team.

Security Awareness Training Blog

View Topics