The Human Side of Cyber Security
Human-related cybersecurity incidents surged 90% in 2025, exposing organizations to escalating costs and disruptions as AI supercharges social engineering and phishing attacks.
Key takeaways
- •A dramatic 90% rise in human-factor incidents in 2025, including social engineering and errors, has made people the primary breach entry point despite heavy tech investments.
- •High-profile 2025 attacks like those on Marks & Spencer and others exploited social engineering to cause operational paralysis, shifting ransomware tactics from data theft to business disruption with multimillion-dollar consequences.
- •AI's role in crafting hyper-personalized, convincing attacks creates a tension between rapid innovation adoption and the persistent vulnerability of human judgment, where technical defenses alone fall short without addressing behavioral risks.
The Persistent Human Vulnerability
In early 2026, the cybersecurity landscape underscores a stubborn reality: despite billions spent on advanced tools, AI-driven defenses, and automation, humans remain the weakest link. Reports from 2025 show human-related security risks jumped 90%, with incidents driven by social engineering, phishing, business email compromise, and plain error affecting 90% of organizations through employee mistakes alone.
Major breaches in 2025 highlighted the stakes. The Marks & Spencer ransomware attack in April relied on social engineering to trick service desk staff into credential resets via a compromised third-party provider, disrupting retail operations and exposing customer data for follow-on phishing. Similar patterns appeared in attacks on food distributors and automakers, where adversaries shifted from encryption to causing production halts and supply-chain chaos, amplifying financial and reputational damage beyond mere data loss.
The World Economic Forum's Global Cybersecurity Outlook 2026 ranks cyber-enabled fraud and phishing as top concerns for CEOs, outpacing traditional ransomware in priority. AI has accelerated this shift: tools enable autonomous, tailored attacks like voice phishing surges (up 442% in late 2024, trend continuing) and deepfakes that bypass traditional filters. Yet even as AI bolsters defenses, it widens gaps—organizations embracing it for efficiency face governance lags and over-reliance on tech that cannot replace human skepticism.
Non-obvious tensions emerge here. Employees bypass controls to meet deadlines, with 74% admitting to such actions when business pressures mount. This creates a trade-off: stronger technical barriers add friction, prompting shadow workarounds that heighten risk. Insider threats blend with external exploits, where negligence or malice costs organizations an average of $13.9 million per insider data-loss event. Geopolitical factors compound this, as state actors and criminals exploit trust relationships over brute-force vulnerabilities.
Concrete consequences include regulatory scrutiny, insurance premium hikes, and operational downtime costing millions daily. Inaction leaves firms exposed to escalating attack sophistication, where a single convincing call or email can cascade into widespread harm.
Sources
- https://www.securitymagazine.com/articles/102139-human-related-security-risks-rose-90-in-2025
- https://www.weforum.org/publications/global-cybersecurity-outlook-2026/digest
- https://www.cybersecuritydive.com/news/5-cybersecurity-trends-2026/810354
- https://www.upguard.com/blog/human-factors-in-cybersecurity
- https://www.mimecast.com/resources/ebooks/state-of-human-risk-2025
- https://www.cm-alliance.com/cybersecurity-blog/biggest-cyber-attacks-of-2025-the-impact-on-global-cybersecurity
- https://learning.techsoup.net.nz/course/view.php?id=407
You might also like
- Feb 24[Banking Trends Webinar] Integrating Cyber and Fraud Teams To Defend as One
- Mar 13The insider threat: From human vulnerability to strategic risk
- Mar 17Franchises Under Fire: Securing Your Business from Cybersecurity Threats
- Mar 17Stop attacks before they spread with Okta’s Identity Threat Protection
- Apr 16Building Effective Security Operations for Converged OT and IT in Critical Infrastructure