Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    81% of Small Businesses Sustained a Cyber Incident Over the Past Year

    KnowBe4 Team | Dec 19, 2025

    Running Into a Data BreachEighty-one percent of small businesses suffered a security or data breach over the past year, and 38% of these businesses were forced to raise their prices as a result, a report from the Identity Theft Resource Center (ITRC) has found.

    The report notes that external hackers have overtaken malicious insiders as the most common root cause of these incidents. This trend is partially driven by AI-assisted social engineering attacks, which were cited as a root cause by more than 41% of victims.

    “The emergence of AI as a primary attack vector aligns with extensive industry analysis on the weaponization of generative AI for creating hyper-realistic phishing emails, deepfake audio and video, and adaptive malware,” the report says.

    “These tools are effectively democratizing advanced attack capabilities that were once the domain of highly skilled actors. The primary advantage of a malicious insider has always been their intimate knowledge of internal processes, communication styles, and organizational hierarchies, allowing them to bypass defenses through trust and familiarity. AI tools now allow external actors to replicate this advantage at scale.”

    Users should be aware of this trend, as many red flags associated with social engineering, such as typos or odd grammar, will no longer be present.

    “Employee security training must be updated to address these new threats,” the report says. “Staff should be educated on the tell-tale signs of AI-generated content, such as subtle visual artifacts in deepfake videos, the lack of emotional nuance in a cloned voice, or the unnaturally perfect grammar of an AI-crafted email. Fostering a culture of healthy skepticism, where employees feel empowered to question and verify unusual or urgent requests, is vitally important.”

    AI-powered security awareness training can give your organization an essential layer of defense against evolving social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

    Infosecurity Magazine has the story.

    Topics: Social Engineering Data Breach Human Risk Management

    See KnowBe4 Security Awareness Training in Action

    See how you can efficiently safeguard your organization from sophisticated social engineering threats.

    Request a Demo

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk and agent security best practices, compliance strategies and industry research to help organizations strengthen their digital defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog

    Posts By Topic

    View All