Call a Specialist Today! 800-886-5369

Report: 2023 Phishing By Industry Benchmarking

Find out how you are doing compared to your peers of similar size.

As a security leader, you’re faced with a tough choice.

Cyber threats continue to grow as criminals rely on the tried and tested attack methods while developing new, more sophisticated ways to infiltrate digital environments and minimize the effectiveness of your human defense layer.

However, there’s an often overlooked security layer that can significantly reduce your organization’s attack surface: New-school security awareness training.

Our 2023 Phishing By Industry Benchmarking study analyzed a data set of 12.5 million users across 35,681 organizations with over 32.1 million simulated phishing security tests. This report highlights employee Phish-prone™ Percentages by industry, revealing at-risk users that are susceptible to phishing or social engineering attacks. The research also reveals radical drops in careless clicking after 90 days and 12 months of new-school security awareness training.

You will learn more about:

  • New phishing benchmark data for 19 industries and seven geographical regions
  • Understanding who’s at risk and what you can do about it
  • Actionable tips to create your “human firewall”
  • The value of new-school security awareness training

Executive Takeaways


Security and risk management leaders need to understand that in order to favorably change overall security behaviors within their organizations, their programs must have:

  • A clearly defined and communicated mandate
  • A strong alignment with organizational security policies
  • An active connection to overall security culture and human layer of security
  • The full support of executives

How Can We Help? We Offer The most powerful anti-phishing protection available in the world:

What is PhishER?

PhishER is the key ingredient of an essential security workstream. It's your lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate your threat response and manage the high volume of potentially malicious email messages reported by your users. And, with automatic prioritization of emails, PhishER helps your InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.

Find Out MoreAt-a-glance 

What is PhishER Plus?

PhishER Plus is powered by a new, unique KnowBe4 global threat feed. This triple-validated phishing threat feed automatically blocks phishing attacks before they make it into users’ inboxes using:

  • 10+ million highly trained end-users and their PhishER Administrators
  • PhishML, a unique AI-model trained on phishing emails that all other filters missed
  • Human-curated threat intel by KnowBe4’s Threat Research Lab

PhishER Plus is available as a stand-alone product or as an upgrade option for current PhishER customers.

Find Out More At-a-glance 

Phishing by Industry Benchmarking Report 2023

Are users in your industry more susceptible to phishing attacks? Find out in the Phishing by Industry Report