Human Risk Review 2022
Keep an eye on these cyber trends
Supply chain attacks, AI-based spear phishing and hybrid work – the cyber threat landscape remains tense. Cybercrime-as-a-service is becoming the standard business model, and attack tactics are evolving almost by the minute.
The human machine interface still is the number one entry point – more than 85% of attacks start with the human factor. This is because employees can always be attacked in a similar way, even when using the most diverse tools – via emotional manipulation and social engineering.
The Human Risk Review 2022 provides an overview of all developments and awareness approaches that organizations should consider now in order to avoid being overrun by cybercriminals’ innovative power.
In this report, you will find:
- Analyses of current threats and trends in the areas of cybercrime and information security
- Data-based insights into the most successful social engineering and phishing tactics of cybercriminals
- Behavioral science-based tips for sustainably minimizing human risks and strengthening your security structure
“Now is the time to counteract professional cybercriminals, and to secure data and systems by minimizing human security risks!”Niklas Hellemann PhD, psychologist and Managing Director at SoSafe
Get your Human Risk Review 2022 now
Find out more about the human factor in cyber security
What developments are currently putting cyber security to the test, and what are organizations expecting in the coming months and years?
What social engineering tactics are particularly successful for cybercriminals and what causes poor security choices?
Human Risk Model
What makes up the human cyber security risk, and how can it be minimized through psychological means?
Focus on sectors
Cybercriminals are increasingly focusing on individual industries. What measures can they take to protect themselves?
How do experts in science and the economy assess the threat situation?
How can organizations and parties responsible for security prepare for future cybercrime developments?
Drawing on various data sources, this study takes a closer look at cyber security and human risks. The core analyses are based on several million data points from the SoSafe Awareness Platform, which were analyzed using differentiated technical and psychological KPIs. In addition, more than 250 IT (security) managers were anonymously surveyed on current threats and the state of cyber security awareness training in their organization. Data on malware infections and development was provided by AV-TEST.
In addition to technical security measures, organizations should now focus on the human factor, and strengthen their security culture by training their employees. SoSafe's awareness platform combines motivational e-learning with smart phishing simulations to help organizations drive secure employee behavior. The platform is easy to implement and scale - and admins can always track progress and platform ROI via strategic risk monitoring to be able to proactively respond in case of risks.
Cyber Security Awareness
What are the differences between spear phishing and phishing?
That once seemingly simple email now carries the disguised power of being dangerous. Unfortunately, this makes it an effective tool for cybercriminals. To be safe, spotting a phishing email is step one. Are you confident you can? What about its more advanced version, infamously known as spear phishing? Let’s find out.
Behavioral Science, Cyber Security Awareness
Gamification in e‑learning: Enhancing the online learning experience
If someone told you learning is no less than a game, would you believe them? Gamification has revolutionized e-learning across industries and domains, creating a massive impact on providing a sense of achievement for learners. The interesting part? Having fun throughout this process is just the beginning.
The Privacy Shield decision: What does the Schrems II ruling mean for your organization?
All it takes is one person to start the domino effect. This is what happened when one individual filed a case about his data being processed in another country. This re-opened the conversation about data privacy and the impact it has on companies and consumers. Are policies enough, especially if the control rests with the government?