Yesterday, PhishMe's CEO Rohyt Belani came out with a great new initiative. They have created a "lite" version of their platform — they call it simplified — and they are giving it away for sites with 500 employees or less.
Why do we think this such a good idea?
This is still a very young market. Traditional security awareness training which was done once a year, usually with a "death-by-powerpoint" session, simply does not work anymore, if it ever has.
New-school awareness training, or version 2.0 if you will, takes it to the next level with an initial baseline phishing test, then on-demand interactive training, and as the third step frequent social engineering tests year-round.
There are three main Gartner leaders in this space:
- KnowBe4,
- Phishme, and
- Wombat.
I suggest you download the Gartner
Magic Quadrant - it's the ultimate shortlist. Note that KnowBe4 has more customers than all the other players in the leaders quadrant
combined. There is a reason for that.
PhishMe and Wombat have been competing in the large enterprise space for years. That space is now mostly saturated and what we call in the industry a "replacement market", meaning you have to unseat an incumbent. To expand, they need to move down-market, but that is hard when your cost structure and pricing is based on enterprise sales.
The Small and Medium Business (SMB) space is where KnowBe4 started in 2010. We are the clear market leader in SMB, but have added a slew of high-end enterprise features, moved upmarket over the years and are now also (very) successfully competing in the enterprise space, but keeping our prices super affordable.
Now, SMB is still a "green field" area with millions of organizations that need to get going with new-school awareness training. Many of them need to be enlightened that if you use anti-virus, that is only half the battle, and the email security gap shows a 10.5% miss rate, so you also need to create a human firewall.
The PhishMe Free initiative is going to significantly help developing this market, and get the message out to all organizations big and small, that today creating a human firewall is not optional, it's a must-do security control.
Once these organizations have played in PhishMe's sandbox for a while, and realize it's actually worthwhile (and also fun) to phish your own users, they will want to spend their super valuable time using a best-in-class platform with all the features they really need to do this right. "Free" is never really free, your time is your most limited resource.
Techcrunch had an article about this where they said: "While Belani [Phishme's CEO] understands all too well that no solution will ever be completely fool-proof, especially as the people running these scams get increasingly sophisticated in their approaches, the goal is to reduce the risk associated with phishing attacks. The free product lets any company get started with the basics while raising awareness. If they need more, they can upgrade, he says."
Upgrade indeed.
That is why when I heard this, I was instantly super-enthused. Once the customer has been convinced by the PhishMe sandbox, they will want to use a best-in-class platform at a no-brainer price. PhishMe Free will be super helpful for KnowBe4 sales. Yesterday, KnowBe4 celebrated it's 7-th anniversary, the company could not have gotten a better birthday present. Thanks Rohyt !
[This post was updated 1/19/2018]
Stu Sjouwerman
Founder and CEO
