Why might you be looking for a KnowBe4 alternative? The world´s biggest security awareness training platform has a massive content library that has been described as unique, varied, and engaging. It has been named a “Leader” in the Forrester Wave for Security Awareness and Training Solutions and in Gartner´s Magic Quadrant for Security Awareness Computer-Based Training.
Furthermore, among dozens of other awards and accreditations during 2021, KnowBe4 was classified as a “market leader” by Cyber Defense Magazine in both the Cybersecurity Training and Anti-Phishing categories, it won an OnCon Top 25 Information Security Vendor Award, and an SC Award for Best IT Security-Related Training. Even KnowBe4´s blog won an award!
So, why might you be looking for a KnowBe4 alternative? Well, the thing is that these accolades are awarded by IT experts with years of experience in evaluating security solutions. They understand how each platform works, what their capabilities are, and how businesses can benefit from using them. However, not every business has this level of experience and expertise at its disposal.
Issues with the KnowBe4 Platform
For businesses that do not have expert-level IT personnel, the KnowBe4 platform can be confusing. Depending on which “level” you subscribe to, you could have access to more than 200 security documents, 300 training modules, and 500 video modules. Although these are searchable, it may be impossible to determine which modules are appropriate for specific members of your workforce.
The volume of training material – described as “unique, varied, and engaging” by Forrester – has caused issues according to businesses reviewing the platform for Gartner´s Peer Insights. Reviewers have noted:
- “We had difficulties finding training on some issues”
- “It was more difficult than I wanted to select activities, then assign them to people”
- “It was not suitable for non-technical users in a business environment like ours”
- “The program can be difficult to learn at first”
- “Not easily understandable for inexperienced users”
Some businesses have also been less-than-impressed with the nature and quality of the content. One contributor to Gartner´s Peer Insights wrote “the amount of test phishing email is excessive, and the test phishing email is easy to spot”, while another commented “They have some good phishing games, but that’s about all. The other games all felt outdated in style and almost forced.”
These issues can result in system administrators spending hours identifying role-appropriate content or employees receiving security awareness training that is not appropriate to their roles. The ease of spotting phishing emails can give a false sense of security, while training that leaves employees feeling that they have wasted their time will not help reduce their susceptibility to online threats.
Is KnowBe4 Really a “Leader” in Security Awareness Training?
Possibly the most important issues with the KnowBe4 platform are highlighted in the Forrester Wave for Security Awareness and Training Solutions. In the report, Forrester advises businesses to “look for vendors that offer human risk quantification and calculate risk based on actual user behavior, not quiz and simulation scores”. Yet despite naming KnowBe4 as a “leader”, Forrester only awarded KnowBe4 1.68 points (out of 5 points) for risk quantification.
Almost every other KnowBe4 alternative evaluated by Forrester scored the same or higher for “Risk Quantification”, while KnowBe4 also scored poorly for “Metrics and Measuring Capabilities” and “Reporting Capabilities”. What these low scores mean is that employees who may score well in test environments can fail to identify a genuine phishing email in a real-life scenario – especially if the genuine phishing email triggers an emotive response the employee is not prepared for.
The limited measuring and reporting capabilities also mean that businesses may be unable to benchmark employee susceptibility to online threats, measure improvement, and align cybersecurity strategies with desired business outcomes. Looking at the ratings in full, it could be argued that KnowBe4 only achieved a “leader” rating was because it scored highly in areas unconnected with security awareness training such as “Market Approach”, “Commercial Model”, and “Revenue”.
Understanding KnowBe4 Pricing
One further reason why you might be looking for a KnowBe4 alternative is the KnowBe4 pricing structure. For those not familiar with how it works, there are four subscription levels – Silver, Gold, Diamond, and Platinum – and two optional add-ons. The “Compliance Plus” add-on contains a further 200+ pieces of content, while the “PhishER” add-on consists of software for triaging suspicious emails so that those harboring the most serious threats can be prioritized.
There are also three levels of training content. The first is included in the Silver subscription package, the second in the Gold package, and the third in the Platinum package. This means that unless you subscribe to the Platinum and purchase the Compliance Plus add-on there could be gaps in your security awareness training program. There could also be issues with employee retention, as all but two of the security awareness games are included in the Platinum package.
KnowBe4 pricing is determined by the subscription level, the number of seats, the length of your subscription (discounts are available for three year commitments), and the country in which you are located. You can also get a discount if you run a non-profit organization or if you upgrade from one subscription level to a higher level. However, a North American business with 500 employees will typically pay $41.50 per employee per year for a KnowBe4 Platinum package plus two add-ons.
What is the Best KnowBe4 Alternative?
Gartner´s Peer Insights list fifty-two alternatives to KnowBe4. These vary in their capabilities from video modules solely focusing on email phishing, to more comprehensive platforms which, like KnowBe4, provide training on different types of online threat. It is impossible to compare every KnowBe4 alternative against each other, but one of the best ways to identify which may be best for your organization is to sort the reviews in order and start with the highest rated.
This exercise produces a shortlist of highly-rated security awareness training platforms and one in particular catches the eye – Cyber Risk Aware. Cyber Risk Aware has recently been acquired by TitanHQ – a leading provider of web filters, email filters, archiving solutions, and data encryption systems. The addition of Cyber Risk Aware (now rebranded as SafeTitan) to the existing portfolio of security products enables businesses to maximize their defenses against online threats.
Even as a standalone product, SafeTitan is a suitable KnowBe4 alternative, having a more manageable library of training materials, automated administration, and a risk and compliance reporting suite. Being cloud-based, SafeTitan is also easy to implement, configure, and customize to meet a business´s training requirements. Compared to the comments about KnowBe4, this is what Gartner´s Peer Insight reviewers had to say about SafeTitan:
- “It was proven to be as easy to implement and understand as we had envisaged”
- “The process was really easy from start to finish, and I had no issues throughout”
- “One of the best awareness training tools I have seen and used”
- “This product has huge information about the cyberattacks and risks a company can face”
- “This gave us a tool to understand what they knew and more importantly what they THOUGHT they knew”
Not only does SafeTitan cost considerably less than KnowBe4, but it also has a transparent pricing structure to avoid businesses paying for content they will never need. If you would like to know more about SafeTitan, TitanHQ is offering potential customers a free demo of the platform in action. The demo is presented by a training expert who will be able to answer any questions you have about SafeTitan and why it is may be a suitable KnowBe4 alternative for your business.