“The cybersecurity space is having a moment,” wrote Fortune editor Polina Marinova last month. “The sector is about to heat up even more in 2019 — global spending on technology to protect sensitive data and information is expected to reach an unprecedented $124 billion this year.”

Of course, all this spending on cybersecurity technology is for naught if the human factor is ignored, which is why cybersecurity training companies are also seeing growth these days. In June, KnowBe4, a cybersecurity awareness training and simulated phishing platform company, announced a $300 million investment led by KKR.

The investment, which values the company at $1 billion, comes on the heels of a series of investments and global acquisitions:

Stu Sjouwerman, founder and CEO of KnowBe4, agrees with Fortune’s assessment of the cybersecurity market. “We’re seeing more advanced cybersecurity attacks affecting businesses and governments around the world on a daily basis, which continues to bring cybersecurity into the spotlight,” he says. “Phishing is growing, as it is a money-maker for the bad guys.”

Phishing is a type of cyberattack that uses emails requesting sensitive information that appear to be from a trusted person, such as a co-worker, friend or manager. Simulating a phishing attack by sending fake phishing emails to employees is an effective way to train employees in how to recognize (and then ignore) such emails. This type of training is critical, because human error is widely recognized as the leading risk when it comes to cybercrime.

In other words, says Sjouwerman, “You can build up all of the technological defenses you can buy, but if you’re not focused on building a human firewall, your security is severely challenged.”

Indeed, Training Industry research has found that about 10% of online learning libraries consist of at least 5% cybersecurity courses, and cybersecurity training made up about 8.5% of total revenue for IT training companies in 2017.

“Spending in cybersecurity training has been steadily increasing,” agrees Shlomi Gian, CEO of CybeReady, which announced $5 million in new funding last month for its autonomous cybersecurity training platform. “Organizations globally are realizing the need to invest in employee training and deploy different training solutions in hope to mitigate the risk of data breaches.”

In a 2018 Forbes article, Sjouwerman said of the cybersecurity training market, “This is still the early days of a multi-billion dollar industry.” The article cited research by Gartner predicting that “the training and awareness market [will] grow from $370 million in 2017 to more than $1.5 billion by 2021.” If this prediction is true, we will likely see more fund in the weeks and months to come.

“The cybersecurity training market will only continue to grow,” says Sjouwerman. “I think we’ll continue to see more engaging and interactive security awareness training content, because that’s what people are demanding. They want to be edu-tained. And we plan on rolling out more content to meet these needs.”

Share