Connecting Security Awareness Training Data to your Security Operations

products-KMSAT-HeroHighlighting the value of connecting user security awareness trainings to the critical resources those users can access

Playing out the potential implications a single decision may have on the security of your organization’s security and/or compliance is an exercise in routine for security teams. It’s not even second-nature. It’s the first-response.

But in the minds of the rest of the organization, thinking about security is the security teams job. Fortunately, security teams know the weakest link in the organization is the user that is either too busy or too absentminded to consider the worse-case repercussions of their actions. Enter the era of security democratization. Companies like KnowBe4 have helped make security everyone’s responsibility by making it easy to distribute and tracking security awareness trainings.

These trainings set out to establish a baseline of security best practices and procedures to users across your organization that aren’t thinking about the potential ramifications their decisions or oversights may result in.

Utilizing Security Awareness Training Data for More Effective Security Operations

On its own, an effective security awareness program equips your team with a baseline understanding, perspective or ability to make the right choice. Whether that is to take action (or not) on their own or educating them on whom they should escalate a decision, security awareness training has been proven to be effective.

Scale, Context and Visibility

The Challenge of Scale

Within security awareness training programs, however, an organization could be sending modules for completion along to hundreds or thousands of users. Varying schedules, vacations or other time demands mean the completion of these trainings could vary by days or weeks. Each day or week that passes means a vulnerability in a users decision making process exists with an impact that can creep across your organization.

So the challenge becomes how can a small [relative to the organization’s size] security team efficiently track down the individuals with the most to lose? Sending aggressive email reminders or alerts to everyone can make a dent in those user lapses but there is still a cloud around knowing whether or not the users with access to your most critical resources are up to date.

The Case for Context

Security teams need the context that comes from pairing security operations with their security awareness training to effectively navigate the noise. They need visibility across their digital environment. They need to be able to quickly and effectively map users whom are out of date with the training with the resources they can access to know where they are most vulnerable. The uneducated user is the weakest link in the chain.

The Challenge of Visibility

Collecting the data across your organizations environment can be time intensive. There are hundreds of resources in production’s environments that are constantly changing, not to mention the addition or subtraction of team members. On top of that, a security teams ability to make sense of the data after navigating dozens of accounts requires a level of infrastructure and DevOps savviness they may not have.

To obtain visibility for analysis, security teams need to be able to understand what a resource’s configuration or user’s access level means from a compliance or operations perspective, something that is not a given.

The Complete Picture

By aligning what is happening and changing across your environments with your security awareness training modules, you can paint the complete picture of your security policies and procedures at work. You are able to detect whether or not users are learning how to align with your policies and quickly spot those users whose behaviors and or education show they are not aligned.

By painting a complete picture of your security operations by aligning and integrating with your security awareness training, you can begin to detect potential vulnerabilities before they occur. You can also quickly put the right training modules in front of employees to ensure they understand the best practices expected of them.

Will this picture prevent data breaches or gaps in your security posture? Probably not. People are still fallible. But you will be able to tell who is exposing the organization to the greatest risk and quickly remediate.

Connecting the Dots, Automatically, with KnowBe4 and JupiterOne

Organizations leveraging KnowBe4 are already familiar and realizing the impact of an effective security awareness program. Integrating these trainings with your security operations, however, requires a lot of time security teams don’t have.

About JupiterOne

JupiterOne is a precision security platform that allows organizations to pull all of their digital resources into a single, centralized hub via managed integrations or the JupiterOne API. Once the data is collected, JupiterOne uses a graph database to map all of the relationships across these resources to each other. That means connecting users, their devices, the accounts they are accessing, whether or not MFA is in place, their employment status and more is in a single location for analysis.

KnowBe4 Integration

With the context of the rest of your environment in place, JupiterOne’s manage integration with KnowBe4 means you are able to connect those same employees to the security awareness training modules they have or have not completed.

Using rules or simple queries, your security team can easily determine which users have lapsed on specific modules and have access to critical resources that would otherwise leave you exposed. This context makes it easy to prioritize who needs pestering or even revoked access until the training is complete.

It isn’t that the training isn’t important for everyone to complete to ensure security is underlined as everyone’s job, but it this sort of context that help your security team understand that certain users can leave you even more vulnerable to crippling attacks.


Security awareness training is critical to ensure a foundational understanding of security best practices for cloud-based organizations. When security is everyone’s responsibility, your organization will more quickly detect threats or vulnerabilities. Folding your awareness program directly into your operations will help your team be able to accurately assess your security posture and enables swift action to limit your exposure to risk.


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews