Cybersecurity risks are increasing, with humans still being the weakest link in the security chain. This is highlighted by Netskope in its latest report, where it highlights that the growing dependence on cloud applications and Generative AI, added to social engineering and adversarial threats, poses a significant challenge for organizations.

Hence, it is necessary for companies to review their security posture and adopt proactive measures to mitigate these risks, ensuring their integrity and protection of sensitive data in an ever-changing landscape.

Increased Social Engineering Risks

Phishing, one of the most common social engineering techniques, has experienced a notable increase. According to the report, 8.4 out of every 1,000 users click on phishing links each month, tripling the rate from the previous year. Attackers have refined their methods, resulting in an increase in the effectiveness of these campaigns, despite efforts to raise security awareness.

Among the most used techniques in these attacks are the creation of fake login pages, the use of reverse proxies and simulated applications. Cloud applications, such as Microsoft 365, are the main targets, with almost 75% of clicks on malicious links directed to credentials from this platform. The majority of these clicks come from search engines, indicating a shift in attackers’ strategy toward platforms considered trustworthy by users.

Additionally, one in 100 users encounters malicious content on the web or cloud each month. Javascript Trojans are the most common and blocking them is crucial as they are often initial vectors for more complex malicious activities. Major malware families include the “Zusy” financial Trojan, which steals personal information through code injections, and various types of downloaders used to introduce other types of malware into victims’ systems.

Use of Personal Applications in the Business Environment

The use of personal cloud applications is a common practice in companies, with 88% of users using them monthly and 26% sharing sensitive data on these platforms. The most used applications include Google Drive, Microsoft OneDrive, Gmail and ChatGPT, which creates significant risk both intentional and unintentional in handling sensitive data.

The biggest risks depend on the type of application used, including uploading sensitive data and using personal emails for business matters. 66% of organizations are concerned about the flow of data to personal applications and have implemented data loss prevention (DLP) policies to restrict this practice. However, data breach incidents involving personal applications remain an ongoing challenge.

Adoption and Risks of Generative Artificial Intelligence

By the end of 2024, 94% of organizations will use generative AI applications, a significant increase from 81% the previous year. However, growth in generative AI adoption has begun to slow, with projections indicating a more moderate pace in 2025.

Despite their widespread adoption, more than 99% of organizations lack adequate controls to mitigate the risks associated with the use of these applications. Breaches are typically related to data leaks from source code and regulated data. Risk mitigation strategies include blocking AI applications without a legitimate business purpose and providing real-time training to help users make informed decisions about data security.

Cybersecurity Threats and Defense Strategies

Adversarial risk is driven by well-organized groups with financial or geopolitical motives. The activity of these adversaries is on the rise, reflecting current geopolitical dynamics. An example is the Chinese group “Salt Typhoon”, whose objective is espionage and has compromised multiple telecommunications companies. Another group, the Russian TA577, uses malware to carry out intrusions in various industries globally, focusing on social engineering and security vulnerabilities. UAC-0050, also of Russian origin, targets critical infrastructure and uses malware to gain access to specific systems.

To defend against these threats, organizations must conduct continuous risk assessments and implement appropriate countermeasures to protect their infrastructure. Cybersecurity has become an essential priority for companies seeking to safeguard their data and operations in an environment that is increasingly digital and vulnerable to cyber attacks.