Findings from KnowBe4’s survey of security professionals at Infosecurity Europe 2025 emphasise the importance of human risk management to improve cyber resilience
KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, released a new report entitled Navigating Cyber Threats: Infosecurity Europe 2025 Findings. The findings show that cybersecurity professionals are sounding the alarm; not about increasingly sophisticated cyber threats, but about something far more human – distraction. The new research from KnowBe4, surveyed more than 100 security professionals during the Infosecurity Europe 2025 conference to gauge the current state of cybersecurity concerns.
The main findings of the report include:
- Distraction is a Top Cybersecurity Weakness: Distraction (43%) and lack of security awareness training (41%) are identified as primary reasons employees fall victim to cyberattacks, rather than attack sophistication.
- Phishing Remains Dominant: Phishing is the leading threat (74%), with impersonation of executives or trusted colleagues being the most common tactic. AI-generated threats are not yet dominant but fears about their rise are growing.
- Cybersecurity Spending Increase with Alignment Gaps: 65% of organisations plan to increase cybersecurity budgets, with top investment areas including email security and security awareness training. However, there is a disconnect between perceived effectiveness of AI-based tools (32% believe greatest impact) and their prioritisation for funding (26%).
- Anticipation of the AI Tipping Point: 60% of organisations fear the rise of AI-generated threats, suggesting preparation for future threats while still dealing with current human risks.
- The Confidence Paradox: Nearly 90% of respondents express confidence in their ability to respond to cyberattacks, which appears inconsistent with breach frequency and known vulnerabilities. This overconfidence is considered a risk in itself.
“Cyber risk is not just about advanced technology; it is about human bandwidth and the cognitive load of fast-paced digital workplace,” said Javvad Malik, lead cybersecurity awareness advocate at KnowBe4. “The findings highlight that bridging the gap between perceived value and investment in integrated human risk management is crucial. Overconfidence, a risk in itself, further underscores the need to validate defences and support employees in making secure decisions amidst distractions, especially as we prepare for the rising tide of AI-generated threats.”
The report concludes with key recommendations for organisations looking to close the gap between threats and defences, with top tips on how to embrace human risk management, strengthen core security and build organisational resilience.
Catch more CIO Insights: Hyperautomation’s Global Spotlight: How IT Leaders Are Transforming Processes Across the Tech Landscape
[To share your insights with us, please write to psen@itechseries.com ]
