(Image credit: Getty Images)
Cybersecurity headlines continue to be punctuated by high-profile, highly disruptive breaches. In fact, 2025 has already seen some of the most damaging incidents on record, with organizations such as M&S and Co-Op suffering severe and costly disruption.
If the estimated £100 million-plus cost to M&S wasn’t bad enough, it was eclipsed by the incident at JLR. widely reported as the most expensive cyber incident in UK history, its overall economic estimated at £1.9 billion.
CISO at Node4.
These and other incidents expose cybersecurity’s most enduring paradoxes, humans are both the strongest and weakest links in the chain. M&S has publicly stated that its breach was a result of “human error”. While the jury is still out at JLR, speculation points towards a credentials compromise, a classic social engineering tactic.
At the same time, employees are also the bedrock of effective cyber resilience, with an engaged, well-informed workforce ideally placed to recognize and stop suspicious activity long before it develops into a full-scale incident.
A bad problem is becoming worse
The problem for security leaders is that social engineering is still the most effective way to bypass otherwise robust technical controls. The problem is becoming more acute as threat actors increasingly use AI to deliver compelling, personalized, and scalable phishing attacks.
While many such incidents never reach public attention, an attempt last year to defraud WPP used AI-generated video and voice cloning to impersonate senior executives in a highly convincing deepfake meeting.
Unfortunately, the risks don’t end there. Even with strong technical controls and a workforce alert to social engineering tactics, risk also comes from employees who introduce tools, devices or processes that fall outside formal IT governance.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Widely known as ‘Shadow IT’, this behavior often stems from good intentions, with people trying to work faster or collaborate more effectively when the official tools don’t meet their needs as well as alternatives they have discovered. The result is security blind spots and data governance risks that continue to cause serious difficulties.
The list of challenges goes on, with everyday habits such as credential reuse, storing files in unapproved locations, sharing data via consumer apps or using unsecured public Wi-Fi all having the potential to undermine organizational security.