Living Security, a leader in Human Risk Management, has published the 2025 State of Human Cyber Risk Report, an independent study by Cyentia Institute. The report examines behavioral risks in organizations and shows that strategic HRM programs can reduce these risks 60% faster than traditional approaches.
A study of over 100 companies and millions of user events reveals where cyber risks exist in the workforce and how top firms are reducing them. It shows that just 10% of employees account for 73% of risky behavior. The report emphasizes that in 2025, protecting an organization will focus more on managing people than systems.
“Security teams have always known the human factor plays a critical role in breaches, but they’ve lacked the visibility to act on it,” said Ashley Rose, CEO and Co-founder of Living Security. “Until now, most insights have relied on anecdotal evidence or narrow indicators like phishing clicks. This report changes that by providing hard data that shows exactly where risk lives, and what actually works to reduce it.”
Key Findings from the Report:
Human risk is concentrated, not widespread: Just 10% of employees are responsible for nearly three-quarters (73%) of all risky behavior.
Visibility is alarmingly low: Organizations relying solely on security awareness training (SAT) have visibility into only 12% of risky behavior, while mature HRM programs see 5X that.
Risk is often misidentified: Contrary to popular belief, remote and part-time workers are less risky than their in-office peers.
HRM works: Companies using Living Security’s Unify platform cut their risky user population by 50% and reduced high-risk behavior duration by 60%.
From Awareness to Action: Making Human Risk Measurable
Unlike traditional reports that look at outside threats or compliance checks, the 2025 State of Human Cyber Risk Report focuses on internal risk behaviors and how they can improve with effective solutions.
With budgets tightening and threats evolving, the stakes are clear: cybersecurity can no longer rely on awareness alone. Leaders must prioritize behavioral visibility, targeted action, and ROI-driven results.
“Cybersecurity is no longer just about technology, it’s about behavior,” said Rose. “If we don’t understand who our riskiest users are, why they’re at risk, and how to help them improve, we’ll continue chasing symptoms instead of solving the root problem.”
Looking Ahead
AI agents and digital co-workers are rapidly entering the enterprise, changing the landscape of risk management. Living Security, a leader in Human Risk Management, focuses on managing behavioral risk, not just human risk. This report highlights progress in human risk and points to a future where businesses ensure shared visibility, standards, and accountability for both humans and AI.
About the Report
The 2025 State of Human Cyber Risk Report was created in collaboration with the Cyentia Institute and uses anonymized data from Living Security’s Unify platform. It analyzes hundreds of millions of user events to illustrate human risk and offers ways to minimize it.
