Latest news with #CyentiaInstitute
Associated Press
23-07-2025
- Business
- Associated Press
CyberTheory Releases New 2025 CISO Engagement and Decision Drivers Study
Princeton, NJ July 23, 2025 --( )-- CyberTheory, the premier marketing intelligence firm dedicated to cybersecurity vendors, today announced the release of the 2025 CISO Engagement and Decision Drivers Study, developed in partnership with Cyentia Institute. The study distills millions of engagement signals from ISMG subscriber activity, showing content consumption patterns and trends across multiple variables, including topic, company size, industry, asset format, role, region, and more. These insights can be used to develop more effective cybersecurity marketing and content strategies. CyberTheory and Cyentia Institute also provide in-depth analysis and actionable takeaways, such as how today's cybersecurity professionals consume content, engage with critical topics like AI and OT security, and respond to account-based marketing (ABM) strategies. 'As buyer behavior continues shifting toward self-guided discovery before engaging with sales, traditional approaches to demand generation see diminishing returns. It's more important than ever for marketers to develop influential content,' said Mike D'Agostino, general manager at ISMG. 'This report reveals data-driven insights to help marketers create engaging assets that resonate with buyers and drive action.' Top insights emerging from the study include: 1) AI dominates cybersecurity content: 56% of users interacted with content on artificial intelligence (AI) and machine learning between Q4 2024 and Q1 2025, leading all other topics in engagement by more than 20 percentage points. AI-related content assets also increased sixfold from 2022 to 2024. 2) Sponsored content on OT cybersecurity lags behind demand: Despite a 51% year-over-year increase in editorial OT content during 2024, sponsored content on OT security declined by 53% from the first to the second half of 2024. 3) Contact-level intelligence shows hidden buyer behaviors: Non-sponsored content saw 13 times more engagements than sponsored content within one large financial services organization. Since many marketers use ABM strategies to reach key prospects, the study shows how contact-level intelligence can be used to reveal these normally hidden buyer behaviors within target accounts. 4) Event attendance supercharges content engagement: When one or more person from an organization attends an event, overall content engagement jumps an average of 1,400% across the organization. This provides marketers with an ABM road map for event sponsorship, prospect engagement and follow-up promotion. 5) Webinars and editorial articles surpass other content formats for CISO engagement: Among CISOs and high-level executives, webinars outperformed all other content formats for engagement, followed closely by editorial articles in second place. 'AI content clearly outperformed other themes, which signals a major opportunity for marketers,' said Julie Jordan, executive director at CyberTheory. 'Including AI in your content plans as soon as possible is the fastest way to spark more engagement, especially when combined with the other performance drivers emerging from the study,' she added. CyberTheory leveraged its exclusive access to ISMG's intent and engagement data, spanning a media network of 38 online properties and a subscriber base of more than 2 million cybersecurity professionals. The behavioral signals come from over 500,000 daily user interactions across 300-plus cybersecurity topics. Additional data sources include ISMG's roster of global events, as well as the CyberEdBoard community, education platform and CyberTheory's first-hand market intelligence. 'By diving deeply into ISMG's user engagement data from across its vast subscriber base and media network, this study offers much more than trend analysis. It provides the critical insights and foresight needed to inform tactics in this rapidly evolving, highly competitive space,' said Wade Baker, co-founder and partner at Cyentia Institute. Download the free report here. For more information on the report or to request a consultation, contact [email protected] or visit About CyberTheory CyberTheory is a marketing advisory firm built for cybersecurity. We help vendors turn market signals into strategy, campaigns into results, and content into conversations that matter. We support some of the world's largest cybersecurity and IT solution providers with end-to-end strategy, content, media planning, tactical execution, and more. About ISMG Information Security Media Group (ISMG) is the world's largest media organization devoted solely to cybersecurity, information technology, artificial intelligence and operational technology. Each of our 38 media properties provides education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment, OT security, AI and fraud. Our annual global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges. About Cyentia Institute Cyentia Institute delivers high-integrity, high-quality, data-driven research which provides meaningful marketing content for clients to drive sales and attain greater visibility in competitive markets. Cyentia's partnership with ISMG provides robust, data-based research and analysis to help the cybersecurity community reduce risks and confront the latest threats. Contact Information: Mike D'Agostino +1-609-356-1499 Contact via Email Read the full story here: CyberTheory Releases New 2025 CISO Engagement and Decision Drivers Study Press Release Distributed by
Malaysian Reserve
22-07-2025
- Business
- Malaysian Reserve
New Report Reveals Just 10% of Employees Drive 73% of Cyber Risk
AUSTIN, Texas, July 22, 2025 /PRNewswire/ — Living Security, the global leader in Human Risk Management (HRM), today released the 2025 State of Human Cyber Risk Report, an independent study conducted by leading research firm Cyentia Institute. The report provides an unprecedented look at behavioral risk inside organizations and reveals how strategic HRM programs can reduce that risk 60% faster than traditional methods. Drawing on behavioral data from more than 100 enterprises and hundreds of millions of user events, the study offers a first-of-its-kind, data-driven map of where cyber risk actually lives in the workforce and how leading organizations are shrinking it. The report confirms a long-suspected but rarely proven reality: a small fraction of employees (just 10%) are responsible for 73% of risky behavior. According to the findings, it's clear that protecting the enterprise in 2025 means managing people, not just systems. 'Security teams have always known the human factor plays a critical role in breaches, but they've lacked the visibility to act on it,' said Ashley Rose, CEO and Co-founder of Living Security. 'Until now, most insights have relied on anecdotal evidence or narrow indicators like phishing clicks. This report changes that by providing hard data that shows exactly where risk lives, and what actually works to reduce it.' Key Findings from the Report: Human risk is concentrated, not widespread: Just 10% of employees are responsible for nearly three-quarters (73%) of all risky behavior. Visibility is alarmingly low: Organizations relying solely on security awareness training (SAT) have visibility into only 12% of risky behavior, compared to 5X that for mature HRM programs. Risk is often misidentified: Contrary to popular belief, remote and part-time workers are less risky than their in-office peers. HRM works: Companies using Living Security's Unify platform cut their risky user population by 50% and reduced high-risk behavior duration by 60%. From Awareness to Action: Making Human Risk Measurable Unlike traditional reports that focus on external threats or compliance audits, the 2025 State of Human Cyber Risk Report centers on internal risk behaviors and how they change with the right interventions. The report includes: A detailed breakdown of what constitutes human risk across behaviors, events, and attributes Analysis of how risk is distributed across roles, industries, and access levels Persona-based insights using behavioral alignment models Proof that HRM initiatives, especially behavior-triggered action plans, dramatically reduce organizational risk exposure A Call to Cybersecurity Leaders With budgets tightening and threats evolving, the stakes are clear: cybersecurity can no longer rely on awareness alone. Leaders must prioritize behavioral visibility, targeted action, and ROI-driven results. 'Cybersecurity is no longer just about technology, it's about behavior,' said Rose. 'If we don't understand who our riskiest users are, why they're at risk, and how to help them improve, we'll continue chasing symptoms instead of solving the root problem.' Looking Ahead These findings come at a time when AI agents and digital co-workers are entering the enterprise and the attack surface is evolving fast. As pioneers in Human Risk Management, Living Security sees this evolution clearly: the future of cyber resilience isn't just about managing human risk, it's about managing behavioral risk, wherever it originates. This report not only celebrates measurable progress on the human side, but also signals what comes next: a future where enterprises govern both humans and agents through shared visibility, standards, and accountability. About the Report The 2025 State of Human Cyber Risk Report was produced in partnership with the Cyentia Institute using anonymized data from Living Security's Unify platform over the last several years. It reflects hundreds of millions of real-world user events and decisions, collected and analyzed to provide a clear picture of how human risk shows up, and how it can be reduced. The full report is available for download at: For a deeper look at the findings, users can join a live webinar with Cyentia researchers and Living Security CEO Ashley Rose on July 23 at 3PM ET / 12PM PT by registering here. About Cyentia Institute The Cyentia Institute is a renowned research firm committed to providing high-quality, data-driven insights to help organizations enhance cybersecurity and effectively manage information risks. Through collaborations with leading industry and government entities, Cyentia continually advances cybersecurity knowledge and practice. About Living Security Living Security is the global leader in Human Risk Management (HRM), providing a risk-informed approach that meets organizations where they are—whether that's starting with AI-based phishing simulations, intelligent behavior-based training, or implementing a full HRM strategy that correlates behavior, identity, and threat data streams. Living Security's Unify platform delivers 3X more visibility into human risk than traditional, compliance-based training platforms by eliminating siloed data and integrating across the security ecosystem. The platform pinpoints the 8–12% of users who pose the greatest risk and automates targeted interventions in real time—reducing exposure to human risk by over 90%. Powered by AI, human analysis, and industry-wide threat telemetry, Unify transforms fragmented signals into intelligent, adaptive defense. Named a Global Leader in Human Risk Management by Forrester and trusted by enterprises like Unilever, Mastercard, Merck, and Abbott Labs, Living Security helps security teams move from awareness to action—driving measurable behavior change and proving impact at every stage of the journey. For more information, users can find them online at or follow on LinkedIn. Contact:Living Security PressLiving Securitymedia@ Photo:
Business Insider
22-07-2025
- Business
- Business Insider
New Report Reveals Just 10% of Employees Drive 73% of Cyber Risk
Austin, United States / TX, July 21st, 2025, CyberNewsWire Living Security, the global leader in Human Risk Management (HRM), today released the 2025 State of Human Cyber Risk Report, an independent study conducted by leading research firm Cyentia Institute. The report provides an unprecedented look at behavioral risk inside organizations and reveals how strategic HRM programs can reduce that risk 60% faster than traditional methods. Drawing on behavioral data from more than 100 enterprises and hundreds of millions of user events, the study offers a first-of-its-kind, data-driven map of where cyber risk actually lives in the workforce and how leading organizations are shrinking it. The report confirms a long-suspected but rarely proven reality: a small fraction of employees (just 10%) are responsible for 73% of risky behavior. According to the findings, it's clear that protecting the enterprise in 2025 means managing people, not just systems. 'Security teams have always known the human factor plays a critical role in breaches, but they've lacked the visibility to act on it,' said Ashley Rose, CEO and Co-founder of Living Security. 'Until now, most insights have relied on anecdotal evidence or narrow indicators like phishing clicks. This report changes that by providing hard data that shows exactly where risk lives, and what actually works to reduce it.' Key Findings from the Report: Human risk is concentrated, not widespread: Just 10% of employees are responsible for nearly three-quarters (73%) of all risky behavior. Visibility is alarmingly low: Organizations relying solely on security awareness training (SAT) have visibility into only 12% of risky behavior, compared to 5X that for mature HRM programs. Risk is often misidentified: Contrary to popular belief, remote and part-time workers are less risky than their in-office peers. HRM works: Companies using Living Security's Unify platform cut their risky user population by 50% and reduced high-risk behavior duration by 60%. From Awareness to Action: Making Human Risk Measurable Unlike traditional reports that focus on external threats or compliance audits, the 2025 State of Human Cyber Risk Report centers on internal risk behaviors and how they change with the right interventions. The report includes: A detailed breakdown of what constitutes human risk across behaviors, events, and attributes Analysis of how risk is distributed across roles, industries, and access levels Persona-based insights using behavioral alignment models Proof that HRM initiatives, especially behavior-triggered action plans, dramatically reduce organizational risk exposure A Call to Cybersecurity Leaders With budgets tightening and threats evolving, the stakes are clear: cybersecurity can no longer rely on awareness alone. Leaders must prioritize behavioral visibility, targeted action, and ROI-driven results. 'Cybersecurity is no longer just about technology, it's about behavior,' said Rose. 'If we don't understand who our riskiest users are, why they're at risk, and how to help them improve, we'll continue chasing symptoms instead of solving the root problem.' Looking Ahead These findings come at a time when AI agents and digital co-workers are entering the enterprise and the attack surface is evolving fast. As pioneers in Human Risk Management, Living Security sees this evolution clearly: the future of cyber resilience isn't just about managing human risk, it's about managing behavioral risk, wherever it originates. This report not only celebrates measurable progress on the human side, but also signals what comes next: a future where enterprises govern both humans and agents through shared visibility, standards, and accountability. About the Report The 2025 State of Human Cyber Risk Report was produced in partnership with the Cyentia Institute using anonymized data from Living Security's Unify platform over the last several years. It reflects hundreds of millions of real-world user events and decisions, collected and analyzed to provide a clear picture of how human risk shows up, and how it can be reduced. The full report is available for download at: For a deeper look at the findings, users can join a live webinar with Cyentia researchers and Living Security CEO Ashley Rose on July 23 at 3PM ET / 12PM PT by registering here. The Cyentia Institute is a renowned research firm committed to providing high-quality, data-driven insights to help organizations enhance cybersecurity and effectively manage information risks. Through collaborations with leading industry and government entities, Cyentia continually advances cybersecurity knowledge and practice. About Living Security Living Security is the global leader in Human Risk Management (HRM), providing a risk-informed approach that meets organizations where they are—whether that's starting with AI-based phishing simulations, intelligent behavior-based training, or implementing a full HRM strategy that correlates behavior, identity, and threat data streams. Living Security's Unify platform delivers 3X more visibility into human risk than traditional, compliance-based training platforms by eliminating siloed data and integrating across the security ecosystem. The platform pinpoints the 8–12% of users who pose the greatest risk and automates targeted interventions in real time—reducing exposure to human risk by over 90%. Powered by AI, human analysis, and industry-wide threat telemetry, Unify transforms fragmented signals into intelligent, adaptive defense. Named a Global Leader in Human Risk Management by Forrester and trusted by enterprises like Unilever, Mastercard, Merck, and Abbott Labs, Living Security helps security teams move from awareness to action—driving measurable behavior change and proving impact at every stage of the journey. Contact
Techday NZ
18-07-2025
- Business
- Techday NZ
Report finds 10% of staff cause 73% of risky cyber behaviour
New research from Living Security and Cyentia Institute indicates that a small proportion of employees are accountable for a significant majority of risky cyber behaviours, while most organisations remain unaware of the true scale of internal risk. Concentration of risk The 2025 State of Human Cyber Risk Report, based on behavioural data from more than 100 enterprises and hundreds of millions of user activities, has outlined how just 10% of employees are responsible for 73% of all risky behaviour within organisations. This concentration of risk challenges the common perception that cyber risk is broadly distributed across the workforce. The report provides detailed insights into where cyber risk is prevalent in today's enterprises and argues for a shift from systemic defences to targeted human risk management. Ashley Rose, Chief Executive Officer and Co-founder of Living Security, commented on the findings, stating: "Security teams have always known the human factor plays a critical role in breaches, but they've lacked the visibility to act on it. Until now, most insights have relied on anecdotal evidence or narrow indicators like phishing clicks. This report changes that by providing hard data that shows exactly where risk lives, and what actually works to reduce it." Visibility challenges One of the most significant takeaways from the report is the shortfall in visibility for many organisations. The analysis determined that those relying only on security awareness training (SAT) have the capacity to detect merely 12% of risky behaviour. In contrast, companies employing mature Human Risk Management (HRM) programmes detected five times as much risk. The study also revealed that risk is often misattributed. Remote and part-time workers were found to be less risky than in-office staff, contradicting some prevailing assumptions about offsite working arrangements. Effectiveness of targeted interventions Living Security reports that organisations utilising its Unify HRM platform managed to reduce their population of risky users by 50% and shorten the duration of high-risk behaviour by 60%. The report suggests that behaviour-triggered interventions are notably more effective than blanket awareness campaigns. The comprehensive study examines risk distribution by role, industry, and user access level, and provides persona-based insights using behavioural alignment models. It further concludes that targeted action plans, prompted by dynamic risk detection, can dramatically lower an organisation's exposure to internal threats. Rose asserts that a fundamental rehabilitation of cyber risk management is required, saying: "Cybersecurity is no longer just about technology, it's about behavior. If we don't understand who our riskiest users are, why they're at risk, and how to help them improve, we'll continue chasing symptoms instead of solving the root problem." Changing requirements The report comes at a time of rapidly changing enterprise environments, with AI-driven agents and digital co-workers broadening the digital attack surface. The findings recommend that security leaders transition from purely technical defences to approaches that prioritise visibility into user behaviour and enable targeted interventions. According to the report, detecting and acting on high-risk behaviours at the user level confers significant advantages in risk reduction speed and overall organisational security posture. The full report stresses the necessity of shared visibility and accountability for both human and non-human actors operating within the enterprise. The 2025 State of Human Cyber Risk Report was developed using anonymised data from the Unify platform collected over multiple years, offering a detailed look at how human risk is manifested and can be mitigated across various industries and organisational sizes. Follow us on: Share on:
