Skip links
Biggest cybersecurity threats

Lack of staff and human failure biggest cybersecurity risks

Lack of talent or human failure will be responsible for over half of significant cyber incidents by 2025. The number of cyber and social engineering attacks against people is spiking as threat actors increasingly see humans as the most vulnerable point of exploitation, marketing and research firm Gartner says in a report.

69% of employees have bypassed their organization’s cybersecurity guidance in the past 12 months, according to a survey that the company has made among 1 310 employees.

“In the survey, 74% of employees said they would be willing to bypass cybersecurity guidance if it helped them or their team achieve a business objective.”

“Friction that slows down employees and leads to insecure behaviour is a significant driver of insider risk,” says Paul Furtado, VP Analyst, Gartner.

Read Also:  World Economic Forum urging business leaders to take cybersecurity more seriously

To confront this rising threat, the company predicts that half of medium to large enterprises will adopt formal programs to manage insider risk by 2025, up from 10% today. 

“A focused insider risk management program should proactively and predictively identify behaviours that may result in the potential exfiltration of corporate assets or other damaging actions and provide corrective guidance, not punishment.”

“CISOs must increasingly consider insider risk when developing a cybersecurity program,” said Furtado. “Traditional cybersecurity tools have limited visibility into threats that come from within.”

Read Also:  Specialists forecast intensified cybercrime attacks in 2023

By 2025, nearly half of cybersecurity leaders will change jobs, 25% for different roles entirely due to multiple work-related stressors, the company predicts. This combined with massive market opportunities for cybersecurity professionals, means talent churn poses a significant threat for security teams. 

The company says its research shows that compliance-centric cybersecurity programs, low executive support and subpar industry-level maturity are all indicators of an organization that does not view security risk management as critical to business success. 

Read Also:  91% of companies report cyber incidents


Moonshot News is an independent European news website for all IT, Media and Advertising professionals, powered by women and with a focus on driving the narrative for diversity, inclusion and gender equality in the industry.

Our mission is to provide top and unbiased information for all professionals and to make sure that women get their fair share of voice in the news and in the spotlight!

We produce original content, news articles, a curated calendar of industry events and a database of women IT, Media and Advertising associations.

    Do you want an experienced opinion on a job issue?
    Moonshot Manager is here to answer!

      Moonshot community sharing thoughts and ideas, in a anonymous, safe environment.