Phishing Report. PHOTO: Cybercrime Magazine.

2023 Phishing By Industry Benchmarking Report

Find out how you are doing compared to your peers of similar size. Download Report

Steve Morgan, Editor-in-Chief

Sausalito, Calif. – Aug. 9, 2023

Cyber threats continue to grow as criminals rely on the tried and tested attack methods while developing new, more sophisticated ways to infiltrate digital environments and minimize the effectiveness of your human defense layer.

However, there’s an often overlooked security layer that can significantly reduce your organization’s attack surface: New-school security awareness training.

KnowBe4’s 2023 Phishing By Industry Benchmarking study analyzed a data set of 12.5 million users across 35,681 organizations with over 32.1 million simulated phishing security tests. This report highlights employee Phish-prone™ Percentages by industry, revealing at-risk users that are susceptible to phishing or social engineering attacks.  The research also reveals radical drops in careless clicking after 90 days and 12 months of new-school security awareness training.

Do you know how your organization compares to your peers of similar size? Download the report to find out!


  • New phishing benchmark data for 19 industries and seven geographical regions
  • Understanding who’s at risk and what you can do about it
  • Actionable tips to create your “human firewall”
  • The value of new-school security awareness training

Joanna G. Huisman, Senior Vice President, Strategic Insights & Research at KnowBe4, and one of the authors of the 2023 Phishing By Industry Benchmarking Report, shares some unique insights into the state of combating phishing, one of the biggest cyber threats we face, in this in-depth video interview with Cybercrime Magazine.

Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures. Go here to read all of Steve Morgan’s blogs and articles covering cybersecurity. Go here to send him story tips, feedback, and suggestions.

Sponsored by KnowBe4

KnowBe4 is the provider of the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering. We help you address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Tens of thousands of organizations like yours rely on us to mobilize your end users as your last line of defense.