Global research from leading analyst IDC, has revealed that while the threat landscape continues to diversify, human identity remains the biggest vulnerability.
Their study found that people are still the easiest way for attackers to gain access to organisations, appearing across all five main causes of initial ransomware attacks.
“IDC’s findings reinforce what we’re seeing every day: human identity is still the most exposed and exploitable part of an organisation’s security posture. Attackers don’t need sophisticated exploits when they can rely on everyday behaviours – a distracted click, a reused password, or a supplier account being misused.”
James Gilles, Head of Cyber Security, Logicalis UK&I
Humans consistently offer the simplest, most accessible entry point. Despite targeting taking significant time, the success rate of infiltration remains much higher than alternative methods.
"As the threat landscape diversified, organisations must recognise that protecting identities and shaping secure user behaviour is just as critical as patching systems or deploying new tools.”
Martie Moore, Global Solutions COE Lead, Logicalis
What does the research show?
The IDC study centred on the question, ‘what are the most significant sources of ransomware compromise?’ The top five responses were:
- 18%: Browser-based attack in which attackers gain access during the normal course of internet browsing (users)
- 13%: Supply chain attack (e.g., SolarWinds, PC Cleaner, or Kaseya)
- 13%: Malware stored on peripheral devices or removable media inserted into a system (user insertion)
- 12%: Clicked on a malicious URL or opening a malicious attachment in a phishing email (user click)
- 12%: Malicious access that leveraged a compromised credential (user login)
This may not be a surprise to cybersecurity leaders, but with AI enabling attackers to orchestrate at scale, organisations need to secure those human identity risks.
“Cybercriminals have learned that targeting people is both scalable and effective, especially with AI now automating phishing, impersonation, and reconnaissance at unprecedented levels. Eliminating human risk isn’t realistic but reducing it through stronger controls, intelligent detection, and continuous awareness is absolutely achievable.”
Gandhiraj Rajappan, Cyber defence manager - SOC, Logicalis APAC
How can organisations guard against human threats?
Based on the research, these are the five primary attack vectors, along with practical steps organisations can take to reduce the risk of a breach.
Human‑Centric Cyber Threats: Recommendations and estimated risk reduction
Threat Area | Key Recommendations | Estimated Improvement |
Browser‑Based Attacks | • Use modern, hardened browsers (disable weak ciphers, block third‑party cookies). | 40–60% reduction in browser originated‑originated compromise risk |
Supply Chain Threats | • Perform proactive vulnerability management for internal & integrated supplier systems. | 30–50% reduction in third‑party compromise risk |
Malware on Devices | • Deploy XDR to detect malware execution, lateral movement, and persistence. | 50–70% reduction in endpoint malware impact |
Phishing / Email Interaction | • Run continuous phishing simulations and targeted training. | 35–55% reduction in phishing‑related compromise risk |
Compromised Credentials | • Use CTI feeds to identify exposed credentials on leak sites/dark web. | 45–65% reduction in credential‑related compromise risk |
Overall Posture Improvement | Implementing all of the above simultaneously enhances user behaviour, control maturity, and third‑party oversight. | 65–80% overall reduction in likelihood of initial compromise |
While ransomware and cyber threats remain prevalent, organisations with the right blend of people, processes, and technology can dramatically reduce human driven cyber risk. Being prepared not only reduces the impact of an attack but also protects reputation, customer trust, and regulatory compliance‑driven cyber risk.
"Organisations that strengthen identity protections, modernise browser and device controls, and continuously monitor for compromised credentials can dramatically cut their likelihood of a breach. When security teams blend technology with training and well-defined processes, they meaningfully reduce the success rate of human-enabled attacks, even when adversaries invest significant time and patience to infiltrate"
Arun Wadhawan, Senior Manager Security, Logicalis Germany
Logicalis provides guidance and capability support from prioritising tactical improvements to building scalable, adaptable cybersecurity programs, ensuring organisations remain resilient against human‑centric threats.
"When security teams blend technology with training and well-defined processes, they meaningfully reduce the success rate of human-enabled attacks, even when adversaries invest significant time and patience to infiltrate.”
Edgar Coutinho, Security Services Delivery Manager, Logicalis Portugal
Download your copy of the IDC Info Snapshot
Related articles:
- Threat Hunters – front line defenders in a modern SOC
- Logicalis invests in and expands Intelligent Security solutions to combat escalating cyber threats
- The value of human teams in a SOC: Enhancing security operations
Related Insights
South Africa , Dec 8, 2025
Threat Hunters: The front-line defenders in a modern SOC
Unseen guardians in the battle against cyber threats! Cybersecurity has evolved beyond simply deploying firewalls and antivirus software; it has become a dynamic battle of wits, skill, and foresight.
South Africa , Dec 1, 2025
Logicalis invests in and expands Intelligent Security solutions to combat escalating cyber threats
Global security risk at critical levels: 88% of organisations experienced a cyber incident in the last 12 months. New investments include Pen testing-as-a-Service, Cyber Threat Intelligence (CTI), and expanded Vulnerability Management capabilities and Advisory services to help organisations comply with key frameworks including NIST, DORA, NIS2, and the Cyber Resilience Act.
South Africa , Nov 7, 2025
Digital Transformation and digitalisation fatigue - The implications for organisations
Digital transformation remains a hot topic in contemporary IT strategies and discussions. However, if digital transformation is not carefully managed with well-planned execution and processes, then there can be serious implications for businesses’ digitalisation efforts.
South Africa , Oct 22, 2025
Future-proofing your network: The case for NaaS in enterprise digital transformation
Today’s most successful enterprises are defined by their agility and ability to scale. Networking-as-a-Service (NaaS) is a revolutionary business model that allows organisations to transform their network from a rigid, CapEx-heavy asset into a flexible, OpEx-driven service through a trusted managed services provider.
South Africa , Sep 17, 2025
Operationalising Zero Trust - The role of MXDR
Operationalising a Zero Trust Architecture requires a range of tools, systems, and cybersecurity skills. MXDR (Managed Extended Detection and Response) is one of the most effective solutions for implementing an effective Zero Trust Architecture within an organisation.
South Africa , Aug 15, 2025
The Data Dilemma of Sustainability: Why Measuring Impact Isn’t Just a Numbers Game
As organisations strive for net zero, the challenge isn’t just measuring impact—it’s capturing the full story of sustainability, including effects on ecosystems and communities.
South Africa , Jul 17, 2025
What is an IT Systems Integrator?
Learn what a systems integrator is, their role in the ICT value chain, and how your business can benefit from their expertise. Understand key functions, common misconceptions, and why partnering with a SI adds value.
South Africa , Apr 16, 2025
Microsoft DMARC requirements – What it means and how it impacts Outlook.com users
On 5 May 2025 , Microsoft will be joining Yahoo and Google in mandating compliance with DMARC standards for large volume email senders (domains sending more than 5000 emails per day). This will apply to outlook.com, hotmail.com and live.com.
South Africa , Apr 2, 2025
What are the benefits of Extended Detection and Response (XDR)?
Extended Detection and Response, or XDR, is a powerful security solution that uses a unified security platform empowered by AI and automation. It helps to detect advanced cybersecurity threats and allows organisations to respond quickly.
South Africa , Mar 5, 2025
The partnership between a Security Operations Centre (SOC) and the CISO
As the threat landscape continues to grow in scope and severity, companies are looking more and more towards the vital partnerships required to keep their security posture strong. The partnership and collaboration between the Security Operations Centre (SOC) and the chief information security officer (CISO) is arguably one of the most important relationships in cybersecurity.
South Africa , Aug 29, 2024
Windows 10 to 11 - What you need to know
Windows 10 is reaching its End-of-Life (EOL) and the move towards Windows 11 is inevitable for businesses who want to stay updated and secure. After 14 October 2025, all feature updates, patches, security updates and official support for Windows 10 will end.
South Africa , Jul 24, 2024
Security Operations Centre Cybersecurity. Microsoft Sentinel SOC Customer Case Study
A leading South African connectivity, innovation and intelligent technology company was quick to recognise the value of a robust cyber security solution. They partnered with Logicalis South Africa, to leverage its expertise and Microsoft Sentinel 24x7 SOC Managed Service, underpinned by the Microsoft Azure Sentinel platform.
South Africa , Jul 23, 2024
What is a data-driven organisation?
Describing an organisation as data-driven or urging businesses to become data-driven is a popular topic in ICT. As the business environment becomes more reliant on actionable data and informed decisions based on that data; we can expect references to being data-driven to increase.
South Africa , Jul 9, 2024
How to implement a cybersecurity strategy
In our latest CIO report, a staggering 83% of CIOs reported experiencing a cyber hack in the last year and almost all of those surveyed experienced business damage as a consequence. The need for an effective cybersecurity strategy security is clear. But how do you implement a cyber security strategy?
South Africa , Jun 25, 2024
Cloud vs on-premises data storage solutions
Businesses of all sizes rely on data storage solutions to manage the ever-growing data volumes associated with modern business operations. Several options are available, including cloud, hybrid and traditional on-premises data storage.
South Africa , May 15, 2024
The business benefits of Critical Power
It's all about using the power of automation, innovation, and smart tools to revolutionise how we manage energy. The goal? Reduce waste, cut costs, and promote sustainability. With sustainability and climate change becoming increasingly important, Critical power is no longer a choice; it's a must for companies in South Africa.
South Africa , Feb 20, 2024
The cybersecurity threats of remote work
Remote work was introduced during the COVID-19 pandemic and has since become a regular feature of the modern workplace. As with all new developments in business, there are advantages, but also risks associated with remote work. Companies have seen new cybersecurity threats entering the threat landscape as employees began working offsite.
South Africa , Jan 30, 2024
What is sustainability in IT?
Sustainability is an important topic in modern business as customers and other stakeholders increasingly measure their service providers’ performance against environmental and ethical standards. This directly impacts the IT industry as many clients will consciously choose to do business with companies that perform better on environmental metrics.
South Africa , Jan 24, 2024
How to develop an IT communications strategy
A strong and reliable IT communications strategy is required to get maximum buy-in from all stakeholders in the IT value chain. Developing your IT communications strategy is an involved process that follows multiple steps.
South Africa , Jan 10, 2024
What is Deep Observability?
Logicalis South Africa has recently partnered with Gigamon to deliver a new Deep Observability solution to South African enterprise companies. Deep Observability offers many benefits from security to network intelligence and allows organisations to have full visibility and control over their entire network infrastructure and the information flow.
South Africa , Dec 8, 2023
What are the benefits of a Security Operations Centre (SOC)?
Security operations centres (SOCs) offer many benefits to companies, either as an internal resource, or as a managed security services solution. A good SOC service can prevent a wide range of cyber threats from becoming disastrous events that can affect a company for years.
South Africa , Nov 13, 2023
Logicalis named inaugural 2023 Cisco Global Sustainability Partner of the Year
Last week, we were honoured to receive the inaugural 2023 Cisco Global Sustainability Partner of the Year award during Cisco's Global Partner Summit event in Miami. This prestigious accolade acknowledges Logicalis' exceptional sustainability achievements and success in helping customers reduce the environmental impact of their digital ecosystems across the globe.
South Africa , Oct 24, 2023
Choosing the right MSSP -Top 5 credentials to look for when selecting a MSSP
In an increasingly interconnected world, the frequency and complexity of cybersecurity threats are rising. Our recent CIO survey shows over half of respondents plan to increase their risk management investment. They also consider malware and ransomware significant risks that their organisations will face in the coming year.
South Africa , Oct 4, 2023
The power of next generation connectivity
A key factor driving the evolution of how we live, work and trade is connectivity. Businesses flourish when their leaders create environments that can adapt to maximise opportunities, while mitigating the inevitable risks.
South Africa , Sep 26, 2023
10 benefits of IT managed services
There are many benefits to IT managed services that can help upscale the performance of your IT tools and services.
South Africa , Apr 28, 2022
Logicalis target digital-first leaders with launch of managed Intelligent Connectivity service
Logicalis target digital-first leaders with launch of managed Intelligent Connectivity service
South Africa , Aug 12, 2021
Logicalis recognised as a Leader in the IDC MarketScape on Worldwide Network Consulting Services 2021 Vendor Assessment
Logicalis recognised as a Leader in the IDC MarketScape on Worldwide Network Consulting Services 2021 Vendor Assessment
, Jun 2, 2021
Logicalis acquires advanced network infrastructure and 5G solutions specialist siticom
Logicalis acquires advanced network infrastructure and 5G solutions specialist siticom
, Mar 1, 2021
Logicalis and Thycotic team up to deliver robust and innovative cloud access control solutions.
Logicalis and Thycotic team up to deliver robust and innovative cloud access control solutions.
, Oct 30, 2020
Logicalis Group honoured with 21 awards including Global Marketing Partner of the Year at Cisco Partner Summit Digital 2020
News Logicalis Group honoured with 21 awards including Global Marketing Partner of the Year at Cisco Partner Summit Digital 2020
South Africa , Oct 5, 2020
Logicalis South Africa Catapults Lenasia Muslim School into Digital Future
Logicalis South Africa Catapults Lenasia Muslim School into Digital Future
South Africa , Sep 9, 2020
Logicalis South Africa selected as Service Delivery Provider of choice by Liquid Telecoms to provide customers with cyber security solutions
Logicalis South Africa selected as Service Delivery Provider of choice by Liquid Telecoms to provide customers with cyber security solutions
South Africa , Mar 3, 2020
Businesses struggle to realise benefits of emerging technologies
Businesses struggle to realise benefits of emerging technologies
, Feb 6, 2020
Logicalis Announces New Brand Positioning - ‘Architects of Change’
Logicalis Announces New Brand Positioning - ‘Architects of ChangeTM’
South Africa , Jan 16, 2020
Pressure to impact revenue puts CIOs under immense strain, study finds
Pressure to impact revenue puts CIOs under immense strain, study finds
, Jan 16, 2020
Logicalis Europe Honoured with Global Award for IoT Industry Partner of the Year at Cisco Partner Summit 2019
IoT Industry partner of the year
, Jan 16, 2020
Logicalis recognised as a leader in IDC MarketScape Report on Worldwide Network Consulting Services Vendor Assessment
Logicalis recognised as a leader in IDC MarketScape Report on Worldwide Network Consulting Services Vendor Assessment
South Africa , Sep 26, 2019
Logicalis and Qualys join forces to bring cloud-based security and compliance solutions to market
Logicalis and Qualys join forces to bring cloud-based security and compliance solutions to market
South Africa , Jul 8, 2019
Logicalis acquires IT services business with an extended footprint in South Africa
Logicalis acquires IT services business with an extended footprint in South Africa
South Africa , Mar 1, 2019
Logicalis strengthens Pan-African capabilities with senior appointments
Logicalis South Africa (Logicalis), a subsidiary of Datatec Limited (JSE: DTC), has made three senior appointments to significantly strengthen its regional management team and build on the platform established in South Africa to further expand reach and capabilities across the region. The company appointed Jakes Jakobsen as Managing Executive of Sales and Marketing, Caesar Tonkin as Chief Information Security Officer and Morné Laubscher as Hybrid IT and Cloud Practice Manager of Logicalis South Africa. Logicalis, part of the international Logicalis Group, is an IT solutions and managed services business offering digital enablement services to help local and international customers take advantage of digital technology
South Africa , Feb 28, 2019
Logicalis South Africa joins an exclusive group of companies by becoming ISO/IEC 20 000 and ISO/IEC 27 001 certified
Logicalis South Africa has joined an exclusive group of companies in becoming an ISO/IEC 20 000 and ISO/IEC 27 001 certified business for complying with the international standard for Information Security and IT Service Management. Logicalis SA successfully implemented these management systems within a 12 months period. With pride, the team attended the formal presentation of these certificates on Monday 25th of February. This took place at the Cape Town BSI Offices located in Stellenbosch.
South Africa , Sep 3, 2018
Logicalis South Africa acquires IPT cloud and managed services business in South Africa
Cape Town, 03 September 2018 - Logicalis SA (Pty) Ltd, part of the Logicalis Group, an international IT solutions and managed services provider, has acquired Clarotech, an IP telephony (IPT) cloud and managed services business based in Cape Town, South Africa.
, Jan 1, 2015
Logicalis Group appoints Michael Chanter as Chief Operating Officer
Logicalis Group appoints Michael Chanter as Chief Operating Officer