"Human error and internal risks continue to contribute structurally to data breaches and account takeovers. This is according to research by KnowBe4. Email remains the primary channel through which cybercriminals deceive employees in incidents. 64% of organizations reported incidents that originated via email, while 57% saw a further increase in email-related attacks. Phishing also served as a gateway to account takeovers in 59% of the affected organizations."
"At the same time, the threat landscape is shifting to a broader group of communication channels. Thirty-nine percent of organizations reported successful attacks via messaging platforms such as Microsoft Teams and Slack. Social media also poses a growing risk (36%), as does SMS-based phishing (smishing), which affected 31% of organizations. This development is leading to so-called boundaryless phishing, in which employees are targeted on virtually every digital channel."
"In addition to external attacks, internal threats also pose a substantial and often underestimated risk. 36% of cybersecurity leaders indicated that employees deliberately caused security incidents in the past year. In most cases, organizations were hardly able to intervene. Only 6% of these incidents were stopped before the employee achieved their goal. In 43% of incidents, data was leaked or sold to competitors, followed by online information leaks (37%) and taking company data to a new employer (35%)."
Cyber incidents involving employees increased by 90% last year, and 93% of organizations experienced attacks exploiting human behavior. Human error and internal risks remain structural contributors to data breaches and account takeovers. Email stayed the primary vector, with 64% of organizations reporting incidents originating via email and 57% reporting increasing email-related attacks; phishing enabled account takeovers in 59% of affected organizations. The attack surface widened to messaging platforms, social media, and SMS, producing boundaryless phishing across channels. Internal threats included deliberate employee-caused incidents (36%), limited intervention success (6% stopped), data leaks, and frequent human mistakes.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]