South African organisations are concerned about the potential for artificial intelligence to be used to launch attacks that are hard to guard against.
This is among the findings from Mimecast’s ninth annual State of Human Risk report. Based on the findings of an in-depth global survey of 1 100 IT security and IT decision-makers, including South Africa’s private sector, the report provides key insights into the human risk landscape and offers recommendations for organisations to improve their cybersecurity posture and optimise budgets.
While 62% of respondents say that the adoption of a formal cybersecurity strategy has significantly improved their organisation’s risk level, the report indicates that security leaders are still grappling with an increasingly complex threat landscape.
Key findings from The State of Human Risk 2025 include the fact that AI is emerging as both a serious threat and a valuable opportunity.
While only 50% say that their organisation is using AI to help defend against cybersecurity attacks and/or insider threats, 83% express concerns about the potential for sensitive data leaks via GenAI tools. More than half say they are fully prepared with specific strategies for AI-driven threats (55%).
As the head of IT at a retail company noted, when discussing the need for AI during the survey: “You can’t stand there trying to put your finger in the hole of a dam. You’ve got to embrace it.”
An IT director at a utilities company also underscored the importance of embracing AI: “I think [it] will evolve quickly, and we’ll have to embrace it quickly as well. You’ve got to always keep one step ahead of the game, [and] we’re looking to vendors to help us with that.”
At the same time, respondents believe threats from inside the organisation carry costly ramifications.
While mitigating external risk is still a significant requirement for security leaders, they must be just as vigilant when it comes to insider risk, both intentional and unintentional. Local respondents report an average of 25 insider-driven data exposure, loss, leak and theft events in a month.
The State of Human Risk report also found that the average insider-driven event costs an organisation $14,2-million.
Despite the threats, the study found that cybersecurity budgets are growing, but not enough to meet demand.
While 86% of respondents said their organisation’s cybersecurity budget has increased in the last 12 months, it’s clear that budget allocation is still an issue.
According to Verizon’s 2024 Data Breach Investigations Report, 68% of breaches involved a non-malicious human element, an indicator that organisations are not taking a human-centric approach to managing cyber risk.
According to the respondents of The State of Human Risk, additional budget is required for cybersecurity staff and third-party services (67%), email security (52%) and collaboration tool security (47%).
And, despite regular training, organisations fear human error.
A combined 86% of surveyed security decision-makers say their organisation trains its employees to spot cyberattacks monthly (38%), quarterly (29%) or on an ongoing basis (19%).
However, 43% of respondents believe their employees lack awareness or understanding of security protocols, while 28% fear employee fatigue causes lapses in vigilance.
As one respondent, an insurance industry CIO, put it: “Accidental breaches occur when employees inadvertently compromise sensitive systems through misaddressed emails or failure to follow data disposal protocols. These errors, while unintentional, carry serious consequences.”
The Mimecast research confirms that collaboration tools continue to expand the attack surface.
Most respondents (57%) say that it is inevitable or likely that their organisation will suffer a negative business impact from an attack linked to a collaboration tool in 2025.
“AI is reshaping cybersecurity at an unprecedented pace, acting as both a powerful defence tool and an evolving threat. Over the past year, while half of organisations have adopted AI for threat detection and real-time monitoring, cybercriminals have also harnessed it to execute increasingly sophisticated attacks,” says Brian Pinnock, vice-president of sales engineering at Mimecast.
“Security leaders now face mounting challenges, from insider threats and expanding attack surfaces in collaboration tools to AI-powered cyberattacks. While proactive measures are essential, effectively managing human risk, implementing tailored employee training, and strengthening defences against business email compromise (BEC) remain critical.
“As AI continues to shape the cybersecurity landscape, organisations must strike a balance by leveraging AI for defence while remaining vigilant against its risks.”