Monday, September 8, 2025

Human error drives 60% of email breaches

by FutureCISO Editors
September 8, 2025

The Kiteworks 2025 Data Security and Compliance Risk Annual Survey report starkly reveals that email remains 16% more vulnerable to breaches than more secure transfer protocols like SFTP, despite being the medium for 90% of sensitive business communications.

For Asian organisations, this gap exposes critical blind spots that demand urgent re-evaluation of defensive strategies.

The report highlights that “email’s architecture was never built for secure data transmission,” underscoring why traditional security fixes remain insufficient.

In Asia-Pacific (APAC) specifically, organisations are nearly 30% more exposed to email-related risks than their European counterparts, a statistic echoed by rising phishing and business email compromise (BEC) attacks targeting major hubs like Singapore and Hong Kong.

These threats are escalating partly because email security adoption is inconsistent; for example, only 12% of APAC firms have implemented essential email authentication protocols like DMARC, leaving them susceptible to spoofing and fraudulent emails.

Importantly, the Kiteworks study exposes how both industry and geography shape breach risk. Defence and security organisations, for instance, face over 50% higher likelihood of email-related breaches compared to industries like life sciences, regardless of the security tools deployed.

This finding emphasises the need for tailored, sector-specific cybersecurity measures.

“Attackers exploit industry- and region-specific weaknesses. Organisations that benchmark against averages instead of their true exposure are flying blind,” noted Tim Freestone, CMO of Kiteworks.

Mitigating human error emerges as a pivotal defence strategy. Proactive interventions that prevent mistakes before they occur—such as real-time alerts for misaddressed emails or sensitive data—can reduce incidents by 41% compared to reactive measures.

These “just-in-time awareness nudges” empower employees to act as the first line of defence without disrupting workflows, offering a significant improvement over traditional post-breach responses.

The report also recommends three core practices for success: proactive human error prevention, zero-knowledge encryption to restrict access even from administrators, and seamless security integration to ensure user adoption rates exceed 95%.

These principles are critical for Asian organisations aiming to enhance resilience amid escalating email threats.

In an era where 60% of breaches originate from employee mistakes and threat actors increasingly exploit regional dynamics, CISOs in Asia must urgently reassess their email risk posture and invest in nuanced, integrated security solutions to safeguard sensitive data and maintain operational trust.
