Human Error
Cybersecurity statistics about human error
Related Topics
Showing 1-20 of 42 results
17% of Nordic CISOs cited insiders & human error as their primary concern.
Human error (employees tricked into providing credentials) was cited in nearly 43% of identity incidents.
66% of ITOps and engineering leaders are prioritizing investments in automation to mitigate the risks of human error.
89% of employees say they feel safe reporting mistakes in organizations that prioritize cybersecurity as a culture.
58% of cybersecurity leaders say mistakes during everyday work have had the greatest impact on their organization’s cybersecurity in the past 12 months.
64% of employees say it is possible that they could be tricked by AI-enabled attacks.
42% of cybersecurity leaders identify AI-enabled attacks as a key driver of future human-related cybersecurity risks.
19% of cybersecurity leaders report their organizations have an integrated and culture-embedded approach in place to manage human-related cybersecurity risk.
Social engineering drove 88% of material losses in the first half of 2025 in Resilience's healthcare portfolio, making human error the industry's single most consequential vulnerability.
Human error contributes to 28% of breaches.
90% of organizations experienced incidents caused by employee mistakes.
The top factor cited for attackers successfully bypassing systems was human error at 46.10%.
Human error remains the top cybersecurity vulnerability in 2025, with 66% of CISOs citing people as their greatest risk.
43% of cybersecurity professionals identified distraction as a primary reason employees fall victim to cyberattacks.
55% of security leaders are constantly worried that a single employee mistake could put their entire organisation at risk.
In just 12 months, attackers attempted to steal more than $300 million via VEC.
In EMEA, the VEC engagement rate exceeds Business Email Compromise (BEC) by 90%.
Telecommunications saw the highest VEC engagement rate at 71.3%.
Junior sales staff were among the most vulnerable roles, engaging with read VEC attacks at a rate of 86%.
The overall reporting rate for advanced text-based email threats was just 1.46%.