Arctic Wolf Human Risk Behavior Snapshot Highlights Breaches and AI Risks

Arctic Wolf released its second annual Human Risk Behavior Snapshot, surveying over 1,700 IT leaders and end users. The findings indicated that while many organizations exhibit confidence in their cybersecurity frameworks, employee behaviors such as clicking on phishing links and improperly using Artificial Intelligence (AI) tools continue to lead to data breaches.

Despite increasing threat activity and the integration of Generative AI (GenAI) in workplaces, the human factor remains unpredictable. Overconfidence among leaders, along with employees bypassing basic security protocols, has created a substantial gap between perceived safety and actual risk exposure. The Human Risk Behavior Snapshot aims to help business leaders identify these pitfalls and address ongoing risks.

Key findings from the report highlight that 68% of IT leaders reported a breach within the last year, with the highest occurrences in Australia, New Zealand, and the U.K. Nearly two-thirds of IT leaders admitted to clicking on malicious links, though many believed their organizations were secure. Additionally, 39% of senior executives faced phishing attempts, and 80% of IT leaders utilized GenAI for work purposes, with 60% sharing confidential data with these tools. Notably, a majority of IT leaders indicated a willingness to terminate employees who fall victim to scams, even as companies that focused on training noted an 88% reduction in risk.

Adam Marrè, Senior Vice President and Chief Information Security Officer at Arctic Wolf, emphasized that while GenAI offers powerful utility, it also introduces new risks. He stated that leaders must recognize human risk as a shared responsibility within organizations, pairing strong policies with practices that promote employee accountability and learning. Stronger measures are essential to reduce risk while fostering an environment where employees feel empowered to address and learn from mistakes.