Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Multitasking Employees Are Particularly Vulnerable to Phishing Attacks

Employees who multitask are significantly more vulnerable to phishing attacks, according to a study from the University at Albany published in the European Journal of Information Systems. “In real-world settings, users are frequently engaged in other digital tasks when a suspicious message appears, requiring them to momentarily interrupt their workflow,” the researchers write.

Cyber Risk Still #1: Why AI Is Raising the Stakes - and the Opportunities

If you’re wondering what keeps business leaders up at night, the latest Aon Global Risk Management Survey has a clear answer: cyber attacks and data breaches. Once again, they top the list as the risk to organizations worldwide — and the problem isn’t getting any smaller. In fact, Aon’s Cyber Risk Report shows incidents jumped 22% in 2025 alone.

Securing the Human-AI Boundary: Why the Future of Cybersecurity Must Train People and AI Agents

The cybersecurity landscape is undergoing its most dramatic transformation since the dawn of the internet. AI has become integral to business operations. Goldman Sachs estimates that agentic AI/AI agents will account for approximately 60% of software market value by 2030, and Gartner predicts that 40% of enterprise applications will integrate task-specific AI agents by 2026, up from less than 5% today.

New Phishing Campaign Uses AI Tools to Evade Detection

Microsoft warns that a recent phishing campaign used AI technology to obfuscate its payload and evade security filters. “Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and a synthetic structure to disguise its malicious intent,” the researchers write.

Security Leaders Cite AI-Driven Phishing Attacks as a Top Concern

A new report has found that nearly 40% of security leaders believe their organizations are least prepared for phishing and other social engineering attacks, Help Net Security reports. According to the report from VikingCloud, these concerns are driven by the increasing use of AI tools to assist in cyberattacks. “Generative or agentic AI-driven phishing attacks (51%) are leadership teams’ top concern when it comes to new cyberattack techniques,” the report says.

Report: Deepfake Attacks Have Targeted Nearly Two-Thirds of Organizations

A survey by Gartner found that 62% of organizations have been hit by a deepfake attack in the past twelve months, Infosecurity Magazine reports. Akif Khan, senior director at Gartner Research, told Infosecurity Magazine that deepfakes are currently being used in social engineering attacks to impersonate executives and trick employees into transferring money. “That’s trickier because social engineering is a perpetually reliable thing for attackers to use,” Khan said.

Going DEEP: A Simple Framework for a Complex Problem

In our previous blog post, we discussed the behavioral science behind why people click on malicious links. So far in this series, we’ve established that our old security playbooks are broken and that we’re dealing with the complex psychology of the human brain. Trying to tackle that all at once can feel like herding cats. What we need is a simple, memorable mental map to bring structure to the chaos. Let’s go DEEP.

Building Trust in AI: KnowBe4's Journey Toward ISO 42001 Certification

At KnowBe4, everything we do is built on a foundation of innovation and trust. As we bring more artificial intelligence (AI) into our human risk management platform, we believe it’s essential to be transparent and responsible every step of the way. That's why we're proud to announce that we are pursuing ISO 42001 certification, the world's first standard for managing AI systems.

The 3 Biggest Email Security Challenges Facing Legal Organizations

Law firms really are under constant pressure to meet tight deadlines, maintain client confidentiality and protect privileged communications. And like most aspects of life with technology so deeply intertwined, the same tools that make work possible can also be significant sources of risk. Consider something as basic as email; likely the most commonly used tool in the profession.

The Behavioral Science Behind the Click

Welcome back. In our last blog post, we talked about the great divide between tech-focused and people-focused security. Now, let’s get nerdy and talk about the fascinating, complex, and occasionally infuriating operating system at the heart of the problem: the human brain. Ever wondered why that "Urgent Invoice" email from a brand-new supplier creates an immediate jolt of anxiety that makes you want to click? That’s not a logic failure; it’s a feature.