Data Accelerator: Social Engineering and the Human Element

Globally, Europe is the most prepared region for AI-driven attacks with 66% saying they are prepared.

56% of organizations noted preparedness for business email compromise.

38% of organizations admit to being underprepared for AI-driven social engineering threats such as automated attacks, deepfake-based videos, and voice scams.

Just 32% of organizations have enlisted training and awareness experts to help educate their workforce on social engineering attacks over the past 12 months.

44% of organizations believe an AI-powered attack is likely to occur within the next 12 months.

Only 29% of organizations are prepared for an AI-powered attack.

Just 20% of organizations describe themselves as highly effective in defending against cyber adversaries using AI techniques.

44% of organizations are prepared for insider threats or account takeover.

57% of organizations are prepared for personal information exfiltration.

43% of organizations are prepared for smishing.

41% of organizations are prepared for quishing.

51% of organizations are prepared for phishing.

32% of organizations reported being prepared for deepfake and synthetic identity attacks.

Only 20% of organizations feel confident they are implementing a strategy to educate their workforce.

Only 13% of organizations are investing significantly in Zero Trust Architecture (ZTA).

41% of organizations report a significantly higher volume of cyberattacks compared to 12 months ago.

59% of organizations report an increasing difficulty for employees to discern real from not real.

Organizations are most likely to make significant investments in cyber resilience processes across the business (33%).

Organizations are likely to make significant investments in generative AI to defend against social engineering attacks (31%).

Approximately one-quarter (24%) of organizations say they are highly effective at implementing and using AI to enhance cybersecurity.