KnowBe4 releases state of human risk 2025 report
KnowBe4 released its State of Human Risk 2025 report, which documented rising counts of human-related security incidents and breaches involving Artificial Intelligence (AI) applications and flagged those trends as a growing challenge for security leaders.
The study compiled responses from 700 cybersecurity leaders and 3,500 employees and reported that incidents tied to the human element rose by 90%. The research also found that 97% of cybersecurity leaders reported a need for increased budget allocations to address risks associated with people.
The report detailed channel- and behavior-level findings, including a 57% increase in email-related incidents, a 43% rise in AI application incidents, and a 32% increase in deepfake-related incidents. It recorded that 93% of leaders saw incidents caused by cybercriminals exploiting employees, 90% of organizations experienced incidents from employee mistakes, and 36% reported malicious insider incidents, while 98% of organizations had taken steps to address AI-related risks and 56% of employees expressed dissatisfaction with their companys approach to AI tools.
The research noted that 64% of organizations fell victim to external attacks that exploited employees through email and that email was expected to remain the most at-risk channel for several more years, even as multi-channel attacks and voice phishing grew and cybercriminals used AI to scale attacks. The report was based on an independent survey by Arlington Research and included respondents from a range of countries and listed sectors.
“The productivity gains from AI are too great to ignore, so the future of work requires seamless collaboration between humans and AI,” “Employees and AI agents will need to work in harmony, supported by a security program that proactively manages the risk of both. Human risk management must evolve to cover the AI layer before critical business activity migrates onto unmonitored, high-risk platforms.” said Javvad Malik, lead CISO advisor at KnowBe4.
The report provided a link to the full 'The State of Human Risk 2025: The New Paradigm of Securing People in the AI Edge Resource Allocator (ERA)' document for further insights and recommendations.