CISOs, Stop Chasing Vulnerabilities And Start Managing Human Risk
Help Net Security, Wednesday, September 10th, 2025
Breaches continue to grow in scale and speed, yet the weakest point remains unchanged: people. According to Dune Security's 2025 CISO Risk Intelligence Survey, over 90 percent of incidents still originate from user behavior rather than technical flaws.
The survey results show that attackers have shifted their methods and that enterprise defenses are struggling to keep pace.
Attacks move beyond email
While every enterprise surveyed simulates email phishing, most stop there. Attackers have expanded into channels that security teams rarely monitor or test, such as encrypted messaging apps, SMS, voice calls, and collaboration platforms.