The 2025 Human Risk Behavior Snapshot by Arctic Wolf highlights critical vulnerabilities for organisations in Asia, particularly as they grapple with the dual challenges of escalating cyber threats and the integration of generative AI into daily operations.
One of the most alarming findings is that 68% of IT leaders reported experiencing a breach in the past year, marking an 8% increase from 2024. Countries such as Australia, New Zealand, and the UK & Ireland saw the steepest rises, which serves as a warning for similar trends in Asia.
As organisations here become increasingly reliant on digital platforms, the potential for breaches exacerbated by human error becomes a pressing concern.
Phishing remains a prevalent threat, with nearly two-thirds of IT leaders admitting to having clicked on malicious links. Surprisingly, 75% of these leaders still believe their organisation is secure.
This overconfidence is troubling, especially when 39% of executives are targeted by phishing attempts. Such statistics illustrate the need for robust training and awareness programs to cultivate a culture of vigilance.
The report also highlights the risks introduced by generative AI. With 80% of IT leaders and 63% of employees using AI tools at work, the potential for inadvertently sharing confidential data is significant.
A staggering 60% of IT leaders and 41% of employees acknowledge feeding these tools sensitive information, underscoring the urgent need for comprehensive policies governing AI use.
Training is crucial in mitigating human risk. While 77% of IT leaders indicated they would consider terminating employees who fall for scams, organisations that prioritise corrective training report an 88% reduction in risk.
This approach fosters a supportive environment where employees feel empowered to learn from their mistakes rather than fear punitive measures.
Despite these alarming findings, many organisations still neglect fundamental security practices. Only 54% enforce multi-factor authentication (MFA) for all users, leaving entry-level accounts vulnerable and creating easy access points for attackers.
“The rise of generative AI has created powerful new tools—but also powerful new risks,” said Adam Marrè, senior vice president and CISO at Arctic Wolf. “Reducing human risk requires a culture that empowers employees to learn and improve continuously.”
As CISO leaders in Asia prepare for 2026, understanding these trends and implementing proactive measures will be crucial in safeguarding their organisations against evolving threats.
