KnowBe4 Acquires CLTRe; Shines Spotlight on Security Culture Measurement
May 2019 by Patrick LEBRETON
Acquisition further demonstrates importance of managing the human risk and cements KnowBe4’s presence in Europe
KnowBe4 announce the acquisition of CLTRe —pronounced “Culture”— a Norwegian company focused on helping organisations assess, build, maintain and measure a strong security posture. CLTRe will continue to operate as an independent subsidiary of KnowBe4, and service customers globally. CLTRe’s Toolkit and Security Culture Framework will be available to all KnowBe4 customers later this year.
According to The 2018 Cybersecurity Culture Report, 95 percent of organisations see a gap between their current and desired organisational cybersecurity culture. With 94 percent of malware being delivered via email (2019 DBIR), it’s clear that working with users to minimise cyber risk and improve security culture is key.
The 2018 Security Culture Report shows the value of being able to measure culture, helping organisations to demonstrate the effectiveness of their organisational security controls, as required by GDPR, CCPA and other regulations. Interestingly, the finance industry demonstrated an overall healthy improvement in culture from 2017 while the real estate industry showed a decline.
CLTRe created the CLTRe Toolkit and the Security Culture Framework, which work in tandem to help organisations gather evidence about their current security culture and how it changes over time. The acquisition of CLTRe is advantageous for both KnowBe4 and CLTRe clients; KnowBe4 users will gain access to a research-driven measurement platform to show how their security culture program matures over time. And CLTRe clients will be introduced to the industry’s most progressive and easiest-to-use SAT and simulated phishing platform to help educate users and change their behaviour.
CLTRe measures the seven dimensions of security culture: behaviour, responsibilities, cognition, norms, compliance, communication and attitudes.