Security Awareness Training Companies. PHOTO: Cybercrime Magazine.

List of Security Awareness Training Companies To Watch in 2020

Find companies to help defend your organization and employees against phishing scams and ransomware attacks

Steve Morgan, Editor-in-Chief

Northport, N.Y. – May 15, 2020

Demand for training employees on how to recognize phishing scams and other cyber threats is soaring. A report from Cybersecurity Ventures predicts the market for security awareness training will reach $10 billion annually by 2027, up from roughly $1 billion in 2014.

Global ransomware damage costs are predicted to hit $11.5 billion by 2019 – and ransomware is expected to attack a business every 14 seconds by end of 2019. To put this in perspective, ransomware damage costs were estimated at $325 million in 2015.

Who’s who in the security awareness training space? Cybercrime Magazine explains with our 2019 list of the hot movers and shakers in this explosive market. These companies provide products, services, and platforms for employee education, phishing simulation, and related offerings.

Learn about cybersecurity training for your employees from these top providers:


The first edition of the Directory of Security Awareness Training Companies for 2019 provides an alphabetical listing for the U.S. and international.

  • Ataata, Bethesda, Md. Developed by top leadership from the U.S. military, law enforcement, and the intelligence community, Ataata is a security awareness training and cyber risk management platform that combines effective, modern training techniques with predictive analytics.
  • AwareGO, Reykjavík, Iceland. AwareGo produces high-quality videos to maximize the impact of security awareness campaigns and provides effective compliance and General Data Protection Regulation training.
  • Barracuda Networks, Campbell, Calif. Turn everyday employees into fierce security advocates. Train them to understand the latest attack techniques, recognize subtle clues, and help stop email fraud, data loss, and brand damage with Barracuda PhishLine. Fight phishing with continuous simulation and training.
  • Boxphish, Leeds, England. Boxphish offers automated intelligent, interactive and experiential training in cybersecurity awareness to teach organizations to identify email-borne threats and change behaviors accordingly.

Experience a game-changing security culture with Living Security

Immersive Cyber Security Awareness Training Experiences to Engage The Enterprise

  • Circadence, Boulder, Colo. Circadence’s security awareness solutions inform the entire workforce of current cyber threats and improve an institution’s cybersecurity posture through immersive, persistent solutions tailored to train and inform every employee.
  • Curricula, Atlanta, Ga. A fun themed security awareness training program filled with heroes, villains, and stories all designed to train employees on how to defend against hackers. Employees defend against DeeDee, Curricula’s AI villain, in an integrated phishing simulation experience. Reward your employees with a fun security awareness journey they will never forget.
  • Cyber Risk AwareDublin, Ireland. Provides “real-time” security awareness training, cyber knowledge assessment, and phishing and smishing threat simulations. The platform measures the level of human cyber risk in a business, mitigates risk by raising staff awareness, and enables clients to meet their compliance obligations and security accreditations through comprehensive reporting.
  • CyberHoot, Smyrna, Del. The ONLY Email Driven Cybersecurity Training Platform! NO Passwords, NO Logins, NO Administration.  No need to learn a new platform.  You can add/delete employees and trainings through email. If you can send an email, you can manage a cybersecurity training program.
  • Cybermaniacs, London, England. Cybermaniacs delivers serious cybersecurity awareness through its cloud-based, interactive platform, which uses the latest in learning approaches and technologies, along with an engaging and humorous approach to change.
  • CyberProtex, Madison, Ala. Employees are the first line and often the most important line of defense in protecting the confidentiality, integrity and availability of a company’s information and information assets. CyberProtex offers superb Security Awareness Training to educate and empower employees to protect data.
  • Digital Defense, Inc., San Antonio, Texas. As security awareness training can be dry and boring, Digital Defense got creative and developed SecurED® in collaboration with award-winning Hollywood comedy writers. The combination of serious and important guidance with fun, engaging characters achieves the “stickiness factor” required to achieve real results.
  • Elevate Security, Berkeley, Calif. Measure, influence, and reduce human risk. While there are many products on the market that focus on technology or processes, none focus effectively on people. Organizations today need all three elements to stand up to the rapidly changing security landscape.
  • Global Learning Systems, Clarksville, Md. With over 25 years experience, Global Learning Systems’ (GLS) online security awareness training for employees drives positive employee behavior change with our comprehensive web-based course library and communication resources. Our suite of scenario-based courses and modules can be quickly deployed to address your compliance and audit requirements, as well as customized to provide an effective client-tailored program.
  • Habitu8, Los Angeles, Calif. A security awareness training vendor founded by security awareness experts, Habitu8 helps companies build effective security awareness programs using engaging training videos and proven strategy.
  • HoxHuntHelsinki, Finland. The fully automated service simulates real attacks and shows the techniques attackers use to infiltrate organizations. Employees are rewarded for reporting the attacks, both real and simulated. The result is behavioral change instead of just awareness.

  • InfoSec Institute, Madison, Wis. SecurityIQ, a security awareness education and phishing simulation platform, personalizes training to each user’s security aptitude, role and learning style. It cuts through the clutter, engages users and reinforces your human firewall. Recognized as a Gartner Peer Insights Customers’ Choice for Security Awareness Computer-Based Training.
  • IronSchool (by Ironscales), Tel Aviv, Israel. Attack simulation and phishing awareness training, IronSchool continuously assesses individual employee behavior and skillsets through short simulated phishing scenarios. This prepares employees to identify and mitigate all types of advanced email phishing threats, including those without links or attachments.
  • Junglemap, Oslo, Norway. Junglemap’s Information Security Awareness 365 programs are based on a series of two-to-three-minute single-topic lessons sent to all your employees every two to three weeks year-round for optimal learning and alertness.
  • KnowBe4, Clearwater, Fla.  World’s most popular integrated platform for awareness training combined with simulated phishing attacks. We help thousands of organizations to manage the continuing problem of social engineering. Find out how effective our security awareness training is, and start with your FREE Phishing Security Test; find out what percentage of your employees are Phish-prone.
  • Living Security reduces the #1 cybersecurity risk for enterprises, human error, through engaging and impactful security awareness training that is brought to life by innovative tech-enabled experiences. Experience a game-changing security culture with Living Security.
  • LUCY SecurityZurich, Switzerland. LUCY allows companies to take on the role of an attacker and uncover and close weaknesses in both the technical infrastructure and the staff. The multi-tenant server can be downloaded and run on-premise within your intranet or can be used as a cloud-based solution with restricted access for only your staff.
  • MediaPro, Bothell, Wash. From awareness program planning, employee surveys and phishing, to award-winning training content and tools to keep it all working together, MediaPRO offers our clients a complete learning solution. Get everything you need to engage employees, measure results, and continuously drive down risk—all from a unified, cloud-based solution with nothing to deploy or manage.
  • Ninjio, Westlake Village, Calif. Gamified security awareness training for employees. Each 3-4 minute animated episode is written by a Hollywood writer featuring a real-life company who has suffered a significant breach. New episodes are released every 30 days to keep users up-to-date on current threats. Gamification encourages engagement.
  • PhishingBox, Lexington, Ky. PhishingBox checks for vulnerabilities irrespective of networks, systems and applications. The system allows users to perform security checks without involving employees outside their own IT department.

KnowBe4: The Making of a Unicorn

A cybersecurity story

  • PhishLabs, Charleston, S.C.  Delivered as a managed service, PhishLabs’ Security Awareness Training ensures organizations make the most of their training investments. PhishLabs’ experts will take your team through a short, focused, and frequent training program that quickly develops and sharpens the skills and behaviors that protect against real-world phishing threats.
  • SANS Institute, North Bethesda, Md. We offer a comprehensive suite of awareness training content. Computer-based training, an extensive set of support materials, and a multi-stage curriculum all created by the experts in cybersecurity awareness. Our approach is to provide you with the right tools to create, grow and mature your awareness program, while supporting you every step of the way with our Guided Training.
  • Secure Mentem, Annapolis, Md. Dedicated to changing employee security behaviors by addressing all aspects of human security concerns, Secure Mentem provides both custom services as well as the flagship on demand Security Awareness as a Service solution.
  • Security Innovation, Wilmington, Mass. Leveraging interactive training modules, reinforcement assets, and optional integrated phishing solutions, Security Innovation provides application security testing, software security assessment, awareness and technical training, and embedded system security services.
  • Security Mentor, Pacific Grove, Calif. Founded in 2007 by certified security professionals with more than 25 years of experience who work with the experts in instructional design and multimedia, and interactive design, to create truly effective security awareness training for employees.
  • Stridepoint, Tampa, Fla. Stridepoint provides custom security audits, compliance training and managed security awareness to help you build an effective culture of security.
  • The Security Awareness Company, Old Hickory, Tenn.  We create successful cybersecurity awareness training programs (including compliance standards such as HIPAA and PCI-DSS) for companies of all sizes. Our products are different from other security companies, because our engaging content is specifically designed to transform your end-users into human firewalls.
  • Webroot, Broomfield, Colo. With ongoing, relevant, engaging cybersecurity awareness training such as phishing simulations, courses on IT and security best practices, and data protection and compliance training where relevant, businesses can significantly reduce the risks they face due to user error.
  • Wombat Security (division of Proofpoint), Pittsburgh, Pa. SaaS-based information security awareness and training software to help organizations teach their employees secure behavior. Security Education Platform includes integrated knowledge assessments, a library of simulated attacks, and interactive training modules, which have been proven to reduce successful phishing attacks and malware infections by up to 90 percent.

For information about this list, contact the editors at Cybersecurity Ventures.

Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.

Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.

– Di Freeze, Managing Editor, contributed to this article.