Nearly two-thirds of security and IT leaders have fallen for phishing attacks

Poor password hygiene runs rampant with 68% of IT leaders and end users admitting to reusing system passwords.

  • Wednesday, 16th October 2024 Posted 1 month ago in by Phil Alsop

Arctic Wolf has published findings from its 2024 Human Risk Behavior Report, based on a global survey the company commissioned with Sapio Research of more than 1,500 senior IT and security decision-makers and end-users from over sixteen different countries.

As modern threat actors gain access to increasingly more sophisticated AI tools, employees play an even more critical role in their organisations cyber defences. The 2024 Arctic Wolf Human Risk Behavior Report aims to provide business leaders and security practitioners with a better understanding of the people practices and behaviours in their organisations in a post gen-AI world and offer insight into common human risk elements.

Key findings from the report include:

Consequences for Human-Related Security Failures are Steep: 27% of IT leaders have witnessed an employee termination for falling victim to a scam.

IT Leaders Prove to be Delinquent in Security Practices: More than a third (36%) of IT leaders have disabled security measures on their system.

Overconfidence Rings True for IT Professionals: 80% of IT leaders are confident their organisation won’t fall for a phishing attack, despite the fact that 64% have clicked on phishing links themselves.

Password Reuse is Still a Significant Challenge: 68% of IT and cybersecurity leaders admit to reusing system passwords.

AI Policies Still in Early Adoption: 60% of IT leaders say their organisation has an AI policy—but less than a third (29%) of end users are aware of it.

“Protecting against the human element is a concern security practitioners have held as a top priority for years – and the data in the 2024 Arctic Wolf Human Risk Behavior Report proves both leaders and end users still have a lot of work to ensure that they as individuals aren’t adversely impacting the overall security of their organisations,” said Adam Marre, chief information security officer, Arctic Wolf. “Cybersecurity isn't just about technology—it’s about people. As threat actors grow more sophisticated, security leaders must move beyond traditional security training methods and adopt a comprehensive human risk management strategy that will not only help them to better identify and mitigate threats, but more importantly foster a more proactive and security-conscious workforce.”

Security awareness training has historically been a core pillar of security operations, but traditional training solutions that operate on an annual cadence and offer a "check the box" approach to compliance are wildly ineffective, leaving employees unengaged and uninformed about the latest attacks targeting them. This report reveals how important it is for IT and security leaders to embrace the concept of human risk management within their organisations and explores how solutions such as Arctic Wolf Managed Security Awareness can help create a security culture instead of a culture of blame.

The promise of AI is on every biopharma’s radar, but the reality today is that much of the industry is grappling with how to convert the hype into...
IT teams urged to resolve ‘data delays’ as UK executives struggle to access and use relevant business data.

‘Playtime is over’ for GenAI

Posted 4 days ago by Phil Alsop
NTT DATA research shows organizations shifting from experiments to investments that drive performance.

GenAI not production-ready?

Posted 4 days ago by Phil Alsop
Architectural challenges are holding UK organisations back - with just 24% citing having sufficient governance to implement GenAI.

AI tops decision-makers' priorities

Posted 4 days ago by Phil Alsop
Skillsoft has released its 2024 IT Skills and Salary Report. Based on insights from more than 5,100 global IT decision-makers and professionals, the...

The state of cloud ransomware in 2024

Posted 4 days ago by Phil Alsop
Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security realm.
Talent and training partner, mthree, which supports major global tech, banking, and business clients to build job-ready teams, has revealed the...

AI innovation is powering the Net Zero transition

Posted 4 days ago by Phil Alsop
Whilst overall AI patent filings have slowed, green AI patent publications grew 35% in 2023.