Socwise logo
close
Ivett Dobay
05/22/2025

Inside the 2025 Verizon DBIR: Rising Cyber Risks from Ransomware, Human Error, and AI

Ivett Dobay
Verizon’s DBIR 2025 highlights how ransomware, phishing, and generative AI are reshaping cyber threats—human error and BYOD policies leave organizations increasingly exposed.

Verizon's 2025 Data Breach Investigations Report (DBIR) is once again a compass for cybersecurity professionals worldwide. Based on an analysis of more than 12,000 real-life data breaches, the report reveals the nature, scope and techniques of the current threats - and there are lessons to be learned for Hungarian organizations.

Changing threats, repeating patterns - what's behind the statistics?

Attackers' methods and tools evolve, but their goal remains the same: to get in, get data, get profit.

The main risks

  • Ransomware: 44% of the data leaks examined were ransomware, an increase of 37% compared to last year.
  • Human factor: 60% of cases are linked to some kind of human error or manipulation. The most common is the exploitation of inattention and naivety through psychological tricks such as phishing emails, fake login screens, misconfiguration and privilege abuse.
  • Credential misuse: in 88% of incidents of web application attacks, stolen or compromised credentials were used by attackers. Remotely stolen passwords, tokens and API keys are a major means of gaining access.
  • Man in the chain: the human factor plays a key role in 60% of incidents. Emails, fake login screens, psychological tricks - these are the main weapons of attackers.
  • Exploiting vulnerabilities has exploded: attackers exploit slow reaction times. Only 54% of border defense failures have been fully corrected, with a median update time of 32 days.
  • BYOD (bring your own device) in the spotlight again: hidden risks on personal devices: in 46% of cases, corporate login data was stolen from personal devices, i.e. not managed by central IT. This meant that the organization was unable to detect malicious activity in time and could not protect the device itself or the business data stored on it. This poses a serious invisible risk.

How can you prepare?

The report recommends action based on CIS Controls:

Technological solutions:

  • Introduction of the Zero Trust principle
  • Vulnerability management programs
  • Endpoint protection, patch management, automatic logging
  • MFA for all external access, especially for partners

Organizational practices:

  • Corporate asset and entitlement registers
  • Security awareness training, phishing simulation exercises
  • Establishing rapid reporting and response processes

AI and future risks

  • Attackers are also using generative AI (GenAI): the number of synthetically generated phishing emails has doubled.
    Actors using AI for offensive purposes in particular:
    • Synthetic texts are used for more persuasive emails.
    • Code generation and translation capabilities are used to localize malware and phishing campaigns
  • 15% of employees use AI on work devices - often logging in with company ID, in an unregulated way or with a private account.

Risks:

  • Document uploads to AI systems (for summarization, code analysis) can leak sensitive data to uncontrolled platforms.
  • Employees may not be aware that these systems are not secure for corporate use.
  • It is particularly problematic when these solutions are used from owned devices in a BYOD environment.

AI also appears on the defense side

Although the focus of the report is more on attacks, it notes that GenAI:

  • Can help in phishing detection (analysis of language patterns),
  • Automate certain SOC (Security Operations Center) tasks,
  • However, it also creates new types of risks, such as prompt injections or erroneous suggestions based on hallucinations.

Future regulatory issues

  • The report does not set out specific regulations but suggests that regulating the use of AI in business will become a key issue.
  • The principles of “data minimization” and “least privilege” should be re-emphasized.

Some mobile phone manufacturers already offer AI features turned on by default. These often work without the user's knowledge or the organization's permission, increasing the risk of unauthorized applications (shadow IT).

Summary

Verizon's DBIR 2025 report makes it clear that cybersecurity is not just a technological issue, but a human and strategic one. Attackers are using increasingly sophisticated methods - whether ransomware or social engineering backed by artificial intelligence. Meanwhile, the attack surfaces are also expanding border security tools, partnerships, BYOD use, and now generative AI systems are bringing new risks.

In our InfoSec division, we don't just monitor cybersecurity - we actively adapt to it. The report highlights what we are seeing in practice: it is not enough to react to attacks, we need proactive, adaptive security strategies.

In addition to the complexity of technological ecosystems and the challenges of the human factor, the emergence of artificial intelligence is a turning point. It is both in the attackers' toolbox - and increasingly on the defensive side. That's why we're focusing on integrating AI-based security solutions into our portfolio - whether it's predictive behavior analysis, phishing detection or automating the work of the Security Operations Center (SOC).

We believe that the safe use of AI in the enterprises also requires regulation and awareness. We help our customers to do just that: we deliver not only technology, but also policies, processes and training to enable our customers to use AI in an informed, responsible and safe way.

SOCWISE © 2022 ALL RIGHTS RESERVED  Business value protection in expert hands.
crossmenu
SOCWISE
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.