Human Risk
Review 2024

As technology evolves and geopolitical tensions rise, the cyberthreat landscape grows more complex by the day. The survival of our organizations depends on radically strengthening our human defenses. Read our report for expert insights on how to achieve this.

Download the report
Human Risk Review

The threat landscape has reached a new level of complexity

of security professionals agree that the threat landscape is the most challenging it has been in the past 5 years.

Less than one-third (31%) believe the situation has any chance of improving in the next 12 months.

consider that their company is at a high risk of suffering a cyberattack that would have a substantially negative impact on their organization.

organizations have experienced a successful cyberattack in the last 3 years.

There are three primary accelerators behind this

Artificial intelligence

79% of security leaders agree that the use of generative AI by cybercriminals to create social engineering attacks is a concern.

Global instability

75% agree that the geopolitical situation has increased the security risk of their organization.


80% of security professionals said that supply chain security has become a more significant concern to them.

Social engineering basics still work

Top 5 tactics in successful attacks

Click rate

Interaction rate

Over a third of users click on harmful content in the emails…

…and almost 2 of 5 of them continue to interact with that content

Top subject lines and
emotional triggers in emails

Email is still the most popular channel for phishing, but its domination is ebbing as the diversification of attack channels grows.

How organizations are reacting:
They are strengthening cyber defenses and prioritizing security cultures

of security leaders say that building a security culture in their organization is a priority.

Essentially every organization said that senior executives and the board are involved in their cyber security governance and decision-making.

organizations increased their cyber security budget in the last 2 years.

But to achieve real behavior change, we need to move towards human risk management

Human Risk Review mockup

Cyber security is becoming a core component of business strategies, but not all organizations are looking at the right metrics and tools to determine the state of their security culture and to strengthen it.

In our report, you will find:

  • 6 in-depth conversations with security leaders, full of industry insights and strategies
  • Survey data and the latest news on the current state of cyber security in Europe – and best practices for minimizing human risks
  • An in-depth analysis of the industry evolution towards human risk management and its implications for your organization
Download the report

Methodology and
data sources

Survey among security professionals

  • More than 1,250 security professionals from 7 Western European countries were surveyed in 2023.
  • SoSafe collaborated with Censuswide, an international market research consultancy.
  • The size of the organizations ranged from 10 to more than 5,000 employees, across all industries.

SoSafe platform data

  • 3.2 million data points from 4,500 customer organizations from the SoSafe Awareness and Human Risk Platform were analyzed anonymously.
  • Exclusive insights into human risk levels and the success of different attack tactics were gathered.

Read the full report

Includes six in-depth interviews and helpful security best practices to help your organization effectively manage your human risk.

Human Risk Review mockup