The Cybercrime Trends 2025 report is here. Get expert insights to tackle next-gen cyber risks. Read more.

DEPLOY GLOBALLY IN 2 DAYS

Complete implementation across 32 languages
with minimal IT overhead or management time

TRUSTED BY 5,500+ BRANDS WORLDWIDE

Trusted across 37 countries by organizations ranging from
SMBs to Fortune 500 enterprises, like Miele and Aldi

RATED 4.6/5

More than 750 Reviews on G2.
Winner of the 2025 Winter Leader Award

Contact
Languages

Human Risk
Review

Cybercrime is the no. 1 business risk – and employee behavior has a lot to do with decreasing that risk. Learn more in this report, featuring expert interviews and exclusive phishing data.

Download the report
Human Risk Review visual Background gradient

As seen in

Yahoo Finance logo TEFR logo Sifted logo

The threat landscape is tense

Cybercrime today is highly professionalized – exploiting vulnerabilities on a large scale, employing innovative and sophisticated tactics, and posing immense challenges to businesses, governments, and individuals alike. And the situation isn’t likely to improve in the near future:

1 in 2

organizations experienced a successful cyberattack in the past 3 years.

of organizations don’t expect the situation to ease in the next year, either.

Top 3 tactics in successful attacks

Top 3 departments targeted

Find out more

Meanwhile, cybercrime is booming

Various trends, including geopolitics, AI advancements, new work models, and IT staff shortages further worsen the cyberthreat landscape. As cybercriminals quickly adapt their tactics to these changes, many organizations struggle to minimize (human) cyber risks.

3 in 4

security professionals say their organization’s cyber risk has increased due to geopolitics, AI, and remote work.

8 in 10

say their organization’s security is increasingly dependent on the security of their partners and suppliers.

In case of a successful ransomware attack, more than a third of companies paid the ransom.

Among smaller companies, almost half were forced to pay.

Find out more

More insights waiting for you

  • 9 in-depth conversations with security leaders, full of industry insights and strategies
  • An expert survey on the current state of cyber security in Europe – and best practices for minimizing human risks
  • Detailed social engineering analyses, providing a look into cybercriminals’ most successful tactics
Download the full report

Expert interviews

First-hand industry insights from security leaders

Bundeswehr logo
Bundeswehr logo

Companies have invested more in technology than in people over the past 10 years. They’ve since come to understand that technology isn’t everything, and that social engineering is a real problem.

Dr. Katrin Suder

I often hear the old saying, ‘If it’s not broken, don’t fix it.’ But when an attack does happen, the consequences can be severe.

Thomas Tschersich

Thomas Tschersich

CSO at Deutsche Telekom & CEO at Telekom Security

We shouldn’t only focus on the corporate level but also on other levels to increase security awareness in society, make people comprehend the threat situation, the need for cyber resiliency, and how to handle sensitive data. It should be a mandatory subject for everyone.

Jens Becker

Jens Becker

CIO at Zurich Gruppe Deutschland

The number one challenge in the cyber security industry right now is burnout: There’s too much data, too many cases, and not enough time.

Stéphane Duguin

Stéphane Duguin

CEO at CyberPeace Institute

We’re receiving harmful emails more frequently, and each new wave is more intense than the last.

Sascha Czech

Sascha Czech

CSO at Uniklinik Münster

Everything that I can cover through employee awareness makes me more resilient as a company. I save on time, money, and stress, and avoid more risks.

Thomas Schumacher

Thomas Schumacher

Managing Director at Accenture Security Germany

Cyber awareness must become an integral part of everyday routine, just like fastening the seatbelt before driving.

Major General Jürgen Setzer

Major General Jürgen Setzer

CISO Bundeswehr

Many users are less focused when working from home, and it’s a more relaxed environment. They mix a lot of personal activities into their workflow, resulting in inattentiveness.

Dr. Stefan Lüders

Dr. Stefan Lüders

Computer Security Officer at CERN

Human behavior is always most easily detected by other people. If you rely 100% on technology and assume that it will catch everything, you’re making a big mistake.

Tobias Ludwichowski

Tobias Ludwichowski

CISO at Signal Iduna

Previous insight Next insight
Read full interviews

80% of security experts see social engineering and phishing as major risks to their organization

1 in 3

users click on harmful content in phishing emails, and out of these…

1 in 2

proceed to enter sensitive information.

Digital natives are

more likely to click on phishing emails than older users.

Find out more

Are companies prepared?

Security experts have realized that technology alone is not enough to protect their organizations. As employees remain susceptible to social engineering attacks and risky security practices, organizations are prioritizing building strong security cultures.

Top 3 priorities for security professionals:

9 in 10 organizations plan to maintain or increase their awareness measures in the upcoming year.

The biggest levers for greater security awareness impact, according to security professionals:

Find out more

Our data

Methodology and data sources

A

Survey among security professionals

  • More than 1,000 security professionals from 6 European countries were surveyed in 2023.
  • In collaboration with Censuswide, an international market research consultancy.
  • The size of the organizations ranged from 10 to more than 5,000 employees, across all industries.
B

SoSafe platform data

  • 8.4 million simulated phishing emails from 3,000 customer organizations were analyzed.
  • Exclusive insights into human risk levels and the success of different attack tactics were gathered.
C

Phish Test

  • Over 9,000 simulated emails were sent to users who signed up in 2022.
  • Participants were sent three simulated attacks over the course of a week.
  • The users had to identify these emails. If they clicked, they were forwarded to contextual learning resources.

Read the full report!

Including full-length expert interviews, exclusive social engineering and phishing data, and best practices for minimizing human risks.

The human risk platform that deploys in days, not months

Compliance & security

The Forrester Wave™ Strong Performer 2024: Human Risk Management Solutions

Experience our products first-hand

Use our online test environment to see how our platform can help you empower your team to continuously avert cyber threats and keep your organization secure.

The Forrester Wave™ Strong Performer 2024: Human Risk Management Solutions
Products

Security Awareness Training

Create safer habits through personalized, gamified, and story-based cybersecurity awareness training.

Smart phishing simulations

Improve your employees’ threat reporting skills and accelerate threat detection.

Always-on human security copilot

Transform your workforce into a proactive defence line with our AI-powered conversational chatbot Sofie.

Proactive human risk management

Continuously monitor, measure, and mitigate human risk in real time with the Human Risk OS platform.

Discover our solutions
with our product tours

Human Risk OS Start virtual tour
Solutions

Become security compliant

Security compliance

Automate and accelerate time to compliance

Build a security culture

Security culture

Integrate secure behaviour into your organisation’s DNA

Discover our customer success stories

Customer stories Read now
Pricing
Resources

Read

Reports Guides Blog Glossary Perks Customer stories

Watch

Webinars CISO Help Hotline Replays

Listen

Podcast

Attend

Human Firewall Conference

Test

Danger Lab Phishing game Test your cyber resilience

Featured resource

Cybercrime
Trends 2025

AI, supply chain exploits, and threats to personal identities are reshaping the cyberthreat landscape. Read the report to assess your security posture and get actionable security tips.

Read more
Company

Join our hero squad

Looking for a mission that matters? Become a cyber hero with us and make the digital world a safer place.

Become a cyber hero with us and make the digital world a safer place.

Apply now
Partners
Become a partner Become an MSP partner
Contact Login
Languages

This page is not available in English yet.

This page is not available in your language yet. You can continue in English or return to the US homepage.

This page is not available in your language yet. You can continue in English or return to the Aus homepage.

Diese Seite ist noch nicht in Ihrer Sprache verfügbar. Sie können auf Englisch fortfahren oder zur deutschen Startseite zurückkehren.

Cette page n’est pas encore disponible dans votre langue. Vous pouvez continuer en anglais ou revenir à la page d’accueil en français.

Deze pagina is nog niet beschikbaar in uw taal. U kunt doorgaan in het Engels of terugkeren naar de Nederlandse startpagina.

Esta página aún no está disponible en español. Puedes continuar en inglés o volver a la página de inicio en español.

Questa pagina non è ancora disponibile nella tua lingua. Puoi continuare in inglese oppure tornare alla home page in italiano.