Arctic Wolf's study highlighted the yawning gap between IT leaders’ inflated confidence and the cold, hard reality.
While IT managers were busy breaking all the rules, they appeared confident in their organisations’ security prowess.
A lofty 80 per cent claimed their employees would never fall for a phishing scam—yet the irony is that 64 per cent of these leaders themselves have clicked on phishing traps.
Even more eyebrow-raising, many IT leaders have quickly punished others for their cybersecurity missteps. According to Arctic Wolf’s findings, 27 per cent of respondents admitted they’d seen an employee get fired for falling victim to a phishing attack, but they seem far less willing to acknowledge their own slip-ups.
The report goes on to expose an overconfidence epidemic among IT leaders. An incredible 83 per cent have observed employees clicking on phishing simulation links, and 61 per cent have reported at least one cybersecurity breach in the last year. These statistics paint a picture of IT leaders alarmingly out of touch with the real threat landscape.
Adam Marre, Arctic Wolf’s Chief Information Security Officer said: “Cybersecurity isn’t just about technology—it’s about people. As threat actors grow more sophisticated, security leaders must move beyond traditional training methods to adopt a comprehensive human risk management strategy.”