Top 5 takeaways from HuFiCon 2025

In early November, HuFiCon 2025 brought Europe’s security leaders together, and the conversations told a consistent story: people shape resilience long before technology does. It came through in fireside chats, panel discussions, and in the way speakers focused on real incidents. 

The day opened with SoSafe CEO Niklas Hellemann, who focused on the human layer as a working part of the organisation. He highlighted moments where people spotted something unusual, raised a flag early, or simply asked the right question at the right time. Those small actions repeatedly prevented bigger problems.

The programme then moved through a range of perspectives on resilience, from AI-driven threats to operational realities inside large organisations. A live hacking session demonstrated how quickly an attacker can move once a single click gives them a foothold. Ralf Schumacher added a practical story from Formula 1, showing how teams rely on clear communication and fast, confident decisions when the pressure is high. His point translated directly to how cybersecurity teams face the same conditions, only in a different arena.

What connected the sessions was that when people understand what is at stake and feel supported in raising concerns, they strengthen the organisation far more than any standalone tool.

The following five takeaways capture the most grounded and actionable insights from HuFiCon25 for leaders who want to reinforce the human side of their security strategy.

1. Community is our new intelligence

A recurring theme at HuFiCon 2025 was surprisingly simple: resilience improves when people talk to each other. Once teams start comparing experiences, you quickly realise no one is dealing with these challenges in isolation, even if it sometimes feels that way.

During the “Nourishing Collective Intelligence” panel, leaders from Continental, Creditbank, and major retailers described how much stronger their organisations became once they shared what went well and what did not. It was a reminder that even small wins or minor setbacks can spark useful conversations when they are not kept within a single team.

In times of hardship, it is very important to stick together, and we want… to enable you to share your findings, your threats, and your success stories so we can adapt together as one. I am super happy that our Human Firewall podcast is one of the places we built to share your stories… with over 70 episodes and more than 40 experts sharing their diverse backgrounds. This community is about sharing best practices, your failure stories, your concerns, your questions, and stories of digital self-defence… and more and more people go out and share these stories, and we can learn a lot from them.”

— Dr. Niklas Hellemann, Co-founder and CEO of SoSafe, from his keynote Collective Intelligence: Unlocking the power of community, together

When insights circulate instead of sitting in separate pockets, they turn into collective strength. Every incident becomes shared intelligence. And when that happens, the whole ecosystem grows more resilient, even as the world feels like it is drifting apart.

2. AI changes the tempo, while humans set the rhythm

AI has accelerated the pace of cybercrime. SoSafe data shows that 87 percent of security leaders have seen a rise in AI-based social engineering attacks. In 2024, half of all security leaders reported at least one AI-driven social engineering incident. By 2025, that number had grown to 83 percent. Modern attacks now include richer organisational context and more convincing personal detail.

Even so, the strongest defence still comes from people. Attackers might use AI to create deepfake voices or highly personalised phishing messages, but trained employees spot things that machines do not.

Rather than treating AI only as a threat, organisations can use it to strengthen their defences by incorporating AI-specific scenarios into awareness training. These exercises help employees recognise the new patterns and keep their intuition sharp.

The risk is real. We now see cases where it takes only two days between someone announcing a new job on LinkedIn and receiving their first phishing email. AI might change the tempo, but humans still set the rhythm when they are equipped with the right skills.

3. Build security people actually believe in

Leaders from around the world reminded us that when pressure rises, people come first. As one workshop put it, policies do not change behaviour. Culture does.

Speakers shared how supporting teams directly strengthens security. One reflected on psychological safety practices borrowed from emergency services that helped their cyber teams manage stress more effectively. Another noted that stressed responders are more likely to make mistakes that alert teams would avoid, which is why strong support programmes matter. Some organisations even run crisis simulations followed by psychological debriefs to help teams process the experience and build resilience.

Security works only when people use it. And that requires communication that makes sense, training that feels relevant, and awareness programmes that spark genuine interest rather than eye rolls. When culture shifts, secure behaviour becomes something people choose, not something they are told to do.

4. Good design becomes good defence

HuFiCon 2025 made it clear that modern defence maturity is a design challenge. Empathy, user experience, and co-creation now shape whether security succeeds in real workplaces. If security feels like an interruption, people will work around it. If it feels natural, they will follow it without thinking twice.

Leaders shared examples of teams reshaping security so it blends into everyday work. Some involved employees directly in redesigning policies, not to soften standards but to make them workable. Others improved their controls by removing unnecessary steps, making it easier to log in, report issues, or complete required tasks. In a few organisations, small usability improvements led to noticeable drops in policy violations because the secure path finally became the simple one.

The idea is straightforward. Meet people where they already are. Build security into the tools and moments they already use. Listen to how work actually happens, not how it looks on a flowchart. When teams feel heard and the experience makes sense, secure behaviour becomes a habit rather than a hurdle.

Security succeeds only when people use it.

5. Move from awareness to adaptive defence

The SoSafe ecosystem evolves with every signal, turning people, threats, and real-world context into a dynamic, human-centred defence layer. Modern defence cannot stand still. It has to adjust at the same pace as the threats coming at it.

In SoSafe’s live demo, this came to life. Every click, report, and newly spotted scam feeds directly into smarter training. This steady flow of real behaviour helps organisations shape awareness around what employees actually face day to day. If users flag a new deepfake voice scam, the platform can instantly create a matching phishing test and guide you through deploying it. If a department experiences a malware incident, you can set up a focused workshop for that team straight away.

The aim is a learning loop that adapts to fresh threats and real user patterns. Staff get the right training at the right moment, and they know how to respond when similar situations appear again.

SoSafe helps your workforce recognise and respond to emerging risks such as deepfakes, AI-powered social engineering, and unsafe LLM use. It keeps your organisation adaptive to threats, to people, and to context.

Bringing it all together

HuFiCon 2025 made one message unmistakable. People remain the foundation of security. Building real resilience means giving every employee the confidence, context, and support they need to act securely in a fast-changing environment. Community, leadership, and adaptive awareness are the core of modern defence.

SoSafe helps organisations turn these ideas into daily practice. The platform combines behavioural-science simulations with real-time threat signals so training evolves as quickly as the threats do. Integrated reporting and analytics make it easier for teams to share insights, learn from one another, and keep security culture active. 

If you want to dive deeper, explore the on-demand HuFiCon 2025 sessions for the full discussions.

Access On-demand sessions from HuFiCon 2025

Watch now

And if you are already planning ahead, register your interest for the 2026 edition and get early access to speakers, themes, and key announcements.