Over a quarter of IT professionals have seen an employee fired after falling for an online scam. This is amongst the findings of security provider Arctic Wolf’s Human Risk Behaviour Report, which analysed the risk behaviours of 1,500 security professionals and end-users globally.

According to the report, 80% of IT professionals say they are confident their organisation won’t fall for a phishing attack, though 64% have clicked on nefarious links.

Poor password hygiene also “runs rampant”, with 68% of IT professionals and end users admitting to reusing system passwords.

As modern threat actors gain access to increasingly more sophisticated AI tools, employees play an even more critical role in their organisations’ cyber defences.

“Protecting against the human element is a concern security practitioners have held as a top priority for years, and the data in the 2024 Arctic Wolf Human Risk Behavior Report proves both professionals and end users still have a lot of work [to do] to ensure that they as individuals aren’t adversely impacting the overall security of their organisations,” said Adam Marre, chief information security officer, Arctic Wolf.

“Cyber security isn't just about technology – it’s about people. As threat actors grow more sophisticated, security leaders must move beyond traditional security training methods and adopt a comprehensive human risk management strategy that will not only help them to better identify and mitigate threats, but more importantly foster a more proactive and security-conscious workforce.”

---