Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’ve come a long way. We’ve deconstructed the problem, explored the complexity of humans, and laid out a strategic framework and a practical map—all of which can be explored in more detail in our Human Risk Management (HRM) whitepaper. Now for the final piece of the puzzle: the engine. A strategy this dynamic and personalised can't run on spreadsheets and manual effort alone. It needs to be powered by an intelligent, integrated platform.

Job-related scams surged by more than one thousand percent between May and July 2025, according to new research from McAfee. Job seekers are particularly vulnerable to scams, since they’re expecting to receive unsolicited messages and are more likely to overlook red flags. The researchers offer the following advice to help users avoid falling for these attacks: The researchers conclude that awareness is an essential layer of defense against social engineering attacks.

A new report warns of a significant spike in SMS phishing (smishing) scams targeting younger Americans between 18 and 29 years old. The report, released by Consumer Reports, Aspen Digital and the Global Cyber Alliance, also found that 30 percent of people who experienced a cyberattack or scam this year said it began over a text message or a messaging app, compared to 20 percent last year.

OpenAI, the people behind ChatGPT, have launched an updated AI video- and audio-generation system with fascinating, and terrifying, implications for the spread of deepfakes.

The conversation about AI in cybersecurity is missing the point. While the industry has been focused on the emergence of AI-generated phishing emails, perhaps a far more profound shift has been somewhat ignored. Your workforce is no longer just human. It's a hybrid team of people, AI agents, copilots, assistants and digital partners. This creates a new and complex attack surface. The next great security challenge isn't just protecting a human from a machine.

Fighting voice-based phishing needs to be a big part of your human risk management (HRM) plan. KnowBe4 and the HRM industry have been warning about voice-based social engineering and phishing for decades. Some of the biggest and most notable hacks have long been based on it. Stories have often been told of brazen calls that resulted in big hacks.

Employees who multitask are significantly more vulnerable to phishing attacks, according to a study from the University at Albany published in the European Journal of Information Systems. “In real-world settings, users are frequently engaged in other digital tasks when a suspicious message appears, requiring them to momentarily interrupt their workflow,” the researchers write.

The cybersecurity landscape is undergoing its most dramatic transformation since the dawn of the internet. AI has become integral to business operations. Goldman Sachs estimates that agentic AI/AI agents will account for approximately 60% of software market value by 2030, and Gartner predicts that 40% of enterprise applications will integrate task-specific AI agents by 2026, up from less than 5% today.

If you’re wondering what keeps business leaders up at night, the latest Aon Global Risk Management Survey has a clear answer: cyber attacks and data breaches. Once again, they top the list as the risk to organizations worldwide — and the problem isn’t getting any smaller. In fact, Aon’s Cyber Risk Report shows incidents jumped 22% in 2025 alone.

Microsoft warns that a recent phishing campaign used AI technology to obfuscate its payload and evade security filters. “Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and a synthetic structure to disguise its malicious intent,” the researchers write.