DEFENSESTORM BLOG
Tuesday, October 7th, 2025
Year after year, the data tells the same story: people remain the prime target in cyberattacks. Now, with attackers using AI to clone voices and craft convincing scams, the human element has become both our greatest risk and greatest opportunity. That’s why we’re revisiting the article, “The Human Firewall: Strengthening the Weakest Link in Cybersecurity,” because the strongest defense in 2025 is still built on the collaboration of technology, culture, and leadership to strengthen the human firewall.
In 2023, DefenseStorm CEO Steve Soukup, wrote the article, “The Human Firewall: Strengthening the Weakest Link in Cybersecurity, published in Cyber Defense Magazine,” which called out a hard truth – that human error was behind nearly 90–95% of data breaches. Fast forward to 2025, and guess what? Despite enormous investments in AI-driven defenses, the human element remains both our greatest risk and our greatest opportunity.
Today’s threat landscape looks different, but the root problem hasn’t changed. Attackers are using AI to create perfectly convincing phishing messages, clone voices, and impersonate executives in real time. And with the pace of work and constant distractions in hybrid and remote environments, it’s easier than ever for mistakes to happen.
Recent 2025 reports highlight the increasing sophistication and expense of human-targeted attacks:
Types of human-targeted attacks on the rise:
While the numbers will inevitably shift year to year, the trend is clear: the human element remains the most targeted and costly vulnerability in cybersecurity. The takeaway from two years ago remains powerful in that the best defense is not just smarter technology, but more cyber-aware people, and it has to start from the top. What separates resilient organizations from vulnerable ones isn’t budget size, it’s a cyber aware culture. Investing in continuous security awareness and training is one of the most effective, proactive defenses organizations can implement.
In 2025, your strongest defense is still human – empowered by technology, supported by leadership, and strengthened by continuous awareness.
Read the full 2023 article to learn powerful, actionable strategies to nurture a cyber aware culture and ultimately, strengthen your human firewall.
“Mistakes are made at ALL levels and across ALL departments due to insufficient cyber risk awareness training, distraction, burnout, or even complacency.”
“A joint study by Stanford University Professor Jeff Hancock and security firm Tessian, found that a staggering 88% of data breaches result from employee mistakes. IBM Security’s research reports an even higher figure at 95%.
“…internal Security Operations Center (SOC) tasks become redundant for individuals. Boredom fuels complacency, which in turn, spawns errors and oversights.”