A new report reveals that security leaders face increasing pressure in managing behavioral cybersecurity risks as the workforce transforms to embrace AI.
A survey of 700 cybersecurity leaders and 3,500 employees by KnowBe4 found that human element It has increased by 90% in the past year. Examples of how these incidents occur include social engineering attacks such as phishing and business email compromise (BEC), risky or malicious behavior, and human error.
The findings make clear that humans are often the weak link in the chain. 93% of leaders surveyed reported incidents caused by cybercrime exploiting their employees. The report also shows a 57% increase in email-related incidents, indicating that email remains the primary battleground. 64% of organizations have fallen victim to external attacks that exploit employees via email.
Human error also remains a significant vulnerability, as 90% of organizations experience incidents caused by employee error. On top of this, malicious insiders continue to threaten from within, with incidents occurring in 36% of organizations.
It's no wonder, then, that 97% of cybersecurity leaders feel the need to increase budget allocations to strengthen human element security.
While AI improves productivity, it also comes with security concerns. AI applications have seen a 43% increase in security incidents over the past 12 months, the second largest increase across all channels.
Despite 98% taking steps to address AI-related risks, cybersecurity leaders rank AI-powered threats as their top security risk, and 45% cite constantly evolving AI threats as their biggest challenge in addressing behavioral risks.
While 98% of organizations are taking steps to address AI-related cybersecurity risks, 56% of employees are dissatisfied with their company's approach to AI tools, which risks directing employees to unapproved platforms and creating “shadow AI” risks.
“The productivity gains from AI are too great to ignore, and the future of work requires seamless collaboration between humans and AI,” said Javvad Malik, Principal CISO Advisor at KnowBe4. “Employees and AI agents must work in harmony, supported by security programs that proactively manage the risks of both. Human risk management must evolve to cover the AI layer before critical business activities are moved to unmonitored, high-risk platforms.”
The full report is available on the KnowBe4 site.
Do you think humans are at greater risk than AI? Let us know in the comments.
image credits: Morganka/Dreamstime.com
