Report by KnowBe4

The State of Human Risk 2025

11 FINDINGSPublished Dec 10, 2025
View Original Report →

Key Findings

93% of cybersecurity leaders reported incidents caused by cybercriminals exploiting employees.

KnowBe4The State of Human Risk 2025·5mo ago
Human RiskInsider Threats

Email-related incidents increased by 57%.

KnowBe4The State of Human Risk 2025·5mo ago
Email SecurityIncident Trends

90% of organizations experienced incidents caused by employee mistakes.

KnowBe4The State of Human Risk 2025·5mo ago
Human ErrorRisk Management

97% of cybersecurity leaders feel the need for increased budget allocations to bolster the security of the human element.

KnowBe4The State of Human Risk 2025·5mo ago
Budget Human Risk

Incidents relating to the human element surged by 90%.

KnowBe4The State of Human Risk 2025·5mo ago
Human RiskSecurity Incidents

AI applications experienced a 43% increase in security incidents over the past 12 months, marking the second-largest increase across all channels.

KnowBe4The State of Human Risk 2025·5mo ago
AI SecurityIncident Trends

45% of cybersecurity leaders cited constantly evolving AI threats as their greatest challenge when tackling behavioral risk.

KnowBe4The State of Human Risk 2025·5mo ago
AI ThreatsBehavioral RiskHuman Risk

64% of organizations fell victim to external attacks that exploited employees through email.

KnowBe4The State of Human Risk 2025·5mo ago
Email SecurityExternal AttacksHuman Risk

Malicious insiders accounted for incidents at 36% of organizations.

KnowBe4The State of Human Risk 2025·5mo ago
Insider ThreatsRisk ManagementMalicious Insiders

56% of employees are unhappy with their company's approach to AI tools, which can drive them toward unsanctioned platforms and creating 'shadow AI' risks.

KnowBe4The State of Human Risk 2025·5mo ago
AI ToolsEmployee SentimentShadow AI

32% of organizations reported increased incidents related to deepfakes.

KnowBe4The State of Human Risk 2025·5mo ago
DeepfakesIncident Trends