Top 5 Cyber Threats CultureAI Detected in Q1 2025
Cyber security threats continue to evolve, but one factor remains consistent: human error is still the greatest risk to modern businesses worldwide.
Employees make mistakes, bypass security measures, and fall victim to sophisticated social engineering attacks, leading to devastating data breaches.
Despite extensive security awareness training, the reality is that investing more time and money in training isn’t solving the problem.
Instead, businesses need to move beyond traditional approaches and embrace technology-driven solutions to minimise human cyber risk.
The CultureAI platform unlocks deep insights into employee behaviour through the power of telemetry. We surface threats beyond just phishing and automate interventions to prevent these risks from becoming real threats.
To wrap up Q1, we're sharing some of the top human risks we detected across our client base, so you know what to look out for.
Top 5 Cyber Threats Detected by CultureAI in Q1 2025
In Q1 2025, across our client base, for every 100 employees, 50 created a critical or high-level risk each month - highlighting the continued need for automated detection and interventions.
Top risks detected, by volume, were:
1. Weak Passwords in SaaS Accounts
Many employees still create weak passwords that lack complexity, making them vulnerable to password spraying and credential stuffing attacks.
Attackers, now leveraging computer-using agents (CUAs) like OpenAI’s Operator, are launching these attacks on a massive scale. Reducing weak password usage across SaaS applications is crucial to minimising exposure.
2. Accounts Exposed in Data Breaches
A significant number of user accounts were found to have passwords exposed in third-party data breaches. If passwords aren’t updated or are reused, attackers can compromise accounts, launch phishing campaigns, or exploit vulnerabilities. CUAs enable cyber criminals to automate credential stuffing attacks using breached credentials.
3. Password Reuse Across SaaS Accounts
Employees frequently reuse passwords across multiple services for convenience. This behaviour enables attackers to use compromised credentials to gain access to multiple accounts, making credential stuffing a major risk.
4. Lack of Multi-Factor Authentication (MFA)
A high percentage of shadow IT SaaS applications lack MFA, meaning users rely solely on passwords for authentication. This dramatically increases the risk of unauthorised access since attackers can exploit weak or leaked credentials without additional verification layers.
5. Easily Guessable Passwords
Users often create passwords based on predictable patterns or personal information, making them easy to guess. Attackers use automated password-guessing techniques and CUAs to rapidly compromise accounts with weak passwords.
The Future of Security: Technology First
The evidence is clear: human error isn’t going away, but security breaches don’t have to be inevitable. Relying on security awareness training alone is no longer sufficient. Instead, businesses must adopt proactive, automated solutions to minimise human cyber risk at scale.
By integrating real-time detection, behavioural intelligence, and automated interventions, CultureAI empowers organisations to stay ahead of cyber threats without putting the burden on employees.