Mimecast: The State of Human Risk 2025

The 2025 State of Human Risk report shows that human behavior—not technology gaps—is now the dominant driver of breaches, with attackers leveraging AI-powered phishing, collaboration tools, and credential misuse to bypass traditional defenses. High-impact incidents such as the Change Healthcare breach illustrate the massive financial and operational consequences and underscore the urgent need for Human Risk Management and stronger collaboration-tool protections. #ChangeHealthcare #MicrosoftTeams

Key points

  • Typical report structure: Executive Summary (overview of the problem and headline findings); Key Findings (top statistics and trends); Thematic sections (e.g., Human Risk Management, Human Error, Market Adoption, HRM Platforms); Technical focus areas (Email and Collaboration Threat Protection, Data Loss and Insider Risk); Practical guidance (Key Takeaways and Recommendations); and Methodology (survey scope and sample details).
  • Executive Summary typically highlights the shift from technology-centric defenses to human-centric risk, illustrates major incidents, and sets the strategic urgency for HRM adoption.
  • Key Findings section presents headline metrics and survey results that quantify trends, budget shifts, and organizational readiness for emerging threats.
  • Human Risk Management and Market Adoption sections explain HRM concepts, market traction, and reasons organizations are investing in connected HRM platforms rather than siloed controls.
  • Human Error and Data Loss sections document common user-driven failure modes (misaddressed emails, credential compromise, improper disposal) and the real-world costs of those mistakes.
  • HRM Platforms section describes capabilities: continuous monitoring across email and collaboration tools, individual risk scoring, attack-factor metrics, targeted remediation, and prevention before exfiltration.
  • Budgets and Resourcing sections quantify spend trends, gaps, and where additional investment is needed (staffing, third-party services, collaboration and email security).
  • Technical focus: Email and Collaboration Threat Protection details the evolving attack surface as adversaries target Slack, Zoom, Microsoft Teams and other collaboration services alongside traditional email.
  • Security Awareness Evolves emphasizes moving from broad awareness training to targeted, behavior-driven interventions informed by HRM telemetry and risk scoring.
  • Methodology clarifies credibility: this report is based on a global Vanson Bourne survey of 1,100 IT/security decision-makers across six countries and diverse industries (organizations with 250+ employees).
  • Key statistics to note: 85% of organizations reported increased cybersecurity budgets year-over-year; only 3% feel budgets are sufficient.
  • Resource allocation gaps: 57% say more budget is needed for staffing/third-party services, 52% for collaboration tool security, and 47% for email security.
  • AI impact metrics: 95% use AI defensively, 81% worry about GenAI data leaks, and 55% lack specific preparedness for AI-driven threats.
  • Risk and compliance indicators: 94% report obstacles ensuring employee compliance with security protocols; 95% expect continued email security challenges in 2025.
  • Collaboration tool trend: 37% reported an increase in collaboration-tool attacks in 2024 and 44% expect an increase in 2025; 61% say a collaboration-tool attack will likely cause negative business impact in 2025.
  • Concentration of risk: a small group of users drive the majority of incidents—8% of employees account for roughly 80% of incidents—making targeted HRM interventions highly efficient.
  • High-profile incident example: the Change Healthcare breach was attributed to credential compromise via phishing and lack of MFA, with response costs estimated by United Healthcare at $2.3–$2.45 billion, illustrating the scale of human-driven risk.
  • Evolving attacker techniques: AI-powered phishing, social engineering on collaboration platforms, credential stuffing and MFA bypasses are increasing in sophistication and frequency.
  • Strategic shifts: organizations are moving toward human-centric security design (Gartner predicts 50% of CISOs will adopt formal human-centric practices by 2027) and prioritizing HRM platforms for end-to-end visibility.
  • Recurring themes and takeaways: human behavior is the primary vulnerability; budgets are rising but insufficient; collaboration platforms are an urgent, expanding attack surface; AI is both a defensive tool and a new vector for data leakage; targeted training and HRM tooling focused on high-risk users yield the best risk reduction.
  • Practical recommendations summarized: assess human-risk maturity and adopt HRM platforms; increase insider-threat visibility; align AI tools defensively and plan for GenAI risk; harden email and collaboration platforms; secure collaboration tools with controls analogous to email protections; secure executive buy-in and budget for centralized HRM; identify and remediate high-risk users and measure training effectiveness; and pair education with robust technical controls to evolve defenses against Business Email Compromise and advanced social engineering.
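The HRM platform capabilities and the "8% of users drive roughly 80% of incidents" finding above both come down to one mechanism: aggregate user-driven events from email and collaboration channels into a per-user risk score, then find the smallest group of users that accounts for most of the weighted risk so remediation can be targeted. The following is an added example written for this page, not Mimecast's code or a description of their scoring model. It assumes a hypothetical CSV event feed (`timestamp,user,channel,event_type`), illustrative attack-factor weights, and constructed sample telemetry; the weights and event names are assumptions, not the report's.

```python
"""Toy human-risk scoring over constructed incident telemetry.

Added example (not from the report). Assumes a simple event log where each
line is: timestamp,user,channel,event_type. Weights are illustrative only.
"""
from collections import defaultdict

# Constructed sample telemetry (not real data). Channels mirror the report's
# focus on email plus collaboration tools such as Teams, Slack and Zoom.
SAMPLE_EVENTS = """\
2025-01-06T09:12:00Z,alice,email,clicked_phish_sim
2025-01-06T10:03:00Z,bob,teams,shared_external_link
2025-01-07T08:45:00Z,alice,teams,credential_prompt_entered
2025-01-07T11:30:00Z,carol,email,misaddressed_email
2025-01-08T14:10:00Z,alice,email,clicked_phish_sim
2025-01-08T15:22:00Z,dave,slack,shared_external_link
2025-01-09T09:00:00Z,alice,slack,credential_prompt_entered
2025-01-09T13:40:00Z,erin,email,reported_phish
2025-01-10T10:15:00Z,bob,email,clicked_phish_sim
2025-01-10T16:05:00Z,frank,zoom,shared_external_link
"""

# Hypothetical attack-factor weights: higher means closer to credential loss
# or data exfiltration. Reporting a phish is good behaviour and lowers risk.
WEIGHTS = {
    "credential_prompt_entered": 5,
    "clicked_phish_sim": 3,
    "misaddressed_email": 2,
    "shared_external_link": 1,
    "reported_phish": -2,
}

# Hypothetical mapping from dominant risk factor to a targeted intervention.
INTERVENTIONS = {
    "credential_prompt_entered": "credential hygiene + phishing-resistant MFA",
    "clicked_phish_sim": "targeted phishing recognition training",
    "misaddressed_email": "recipient-check / DLP prompt on send",
    "shared_external_link": "external-sharing policy reminder",
}


def parse_events(text):
    """Parse the CSV feed into (user, channel, event_type) tuples, skipping blanks."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        _ts, user, channel, event_type = line.split(",")
        events.append((user, channel, event_type))
    return events


def score_users(events):
    """Weighted per-user score; unknown event types count 0, floor at 0."""
    scores = defaultdict(int)
    for user, _channel, event_type in events:
        scores[user] += WEIGHTS.get(event_type, 0)
    return {u: max(s, 0) for u, s in scores.items()}


def concentration(scores, share=0.8):
    """Smallest set of users whose scores reach `share` of the total risk.

    Returns (users, fraction_of_population). Ties are broken by user name so
    the result is deterministic.
    """
    total = sum(scores.values())
    ranked = sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))
    chosen, cumulative = [], 0
    for user, score in ranked:
        if cumulative >= share * total:
            break
        chosen.append(user)
        cumulative += score
    return chosen, len(chosen) / len(scores)


def remediation_plan(events, users):
    """For each flagged user, pick the event type contributing most weighted
    risk and map it to a targeted intervention."""
    contrib = defaultdict(lambda: defaultdict(int))
    for user, _channel, event_type in events:
        if user in users:
            contrib[user][event_type] += max(WEIGHTS.get(event_type, 0), 0)
    plan = {}
    for user in users:
        dominant = max(contrib[user].items(), key=lambda kv: (kv[1], kv[0]))[0]
        plan[user] = INTERVENTIONS.get(dominant, "general awareness refresh")
    return plan


if __name__ == "__main__":
    evts = parse_events(SAMPLE_EVENTS)
    scores = score_users(evts)
    top, frac = concentration(scores)
    print(scores)
    print(f"{frac:.0%} of users carry 80% of weighted risk: {top}")
    print(remediation_plan(evts, top))
```

Running it shows the concentration effect the report describes: two of six constructed users carry 80% of the weighted risk, so a credential-hygiene intervention for one and phishing-recognition training for the other covers most of the exposure without retraining everyone.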
Mimecast-The-State-of-Human-Risk-2025
Source: Awesome Annual Security Reports - The reports in this collection are limited to content which does not require a paid subscription, membership, or service contract. (https://github.com/jacobdjwilson/awesome-annual-security-reports/)

Download Report from Github