Joy Agwunobi
Human error remains the leading cause of cyber incidents, accounting for approximately 60 percent of breaches, according to analyses by HDI Global and the European Union Agency for Cybersecurity (ENISA). Mistakes such as falling for phishing emails or social engineering attacks continue to pose significant risks for businesses across industries.
In its latest report, HDI Global, an international industrial insurer, examined how companies can better manage cyber exposure and strengthen resilience. The study draws on the expertise of David Bartolini, Head of Cyber Risk Engineering Tech at HDI, who oversees the insurer’s global cyber risk engineering activities and advises organisations on prevention, preparedness, and recovery strategies.
ENISA’s examination of nearly 4,900 incidents between July 2024 and June 2025 revealed that phishing, ransomware, and Distributed Denial of Service (DDoS) attacks remain the most prevalent threats. Bartolini also warned that cybercriminals are increasingly leveraging generative AI to automate attacks and exploit weaknesses across a wider range of sectors, making proactive risk management essential.
According to Bartolini, continuous employee awareness is the first priority for mitigating cyber risk, given that roughly 60 percent of breaches stem from human error, most often a phishing email or a social engineering attempt. He stressed the importance of structured, ongoing training programmes that include simulated attacks and response workshops so that employees learn to recognise and report suspicious activity. Awareness typically spikes immediately after an incident and then fades, so sustained, long-term education is what delivers lasting protection.
Equally important is keeping software and infrastructure up to date. Outdated or unpatched systems are common entry points for attackers. HDI Global recommends consistent patch management, regular vulnerability assessments, and prioritising critical system updates to reduce the likelihood of compromise. Targeted risk engineering and continuous review of infrastructure are considered indispensable for resilient cybersecurity.
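The passage above recommends regular vulnerability assessments and prioritising critical updates but does not say how to rank what to patch first. The following is an added example, not code from HDI Global or the report, that shows one way to do it: compare each installed version against the fixed version to decide whether a finding is still open, score the open ones by CVSS plus the exposure factors the article names (known exploitation, internet exposure, business criticality), and assign a patch deadline from the score. The hosts, package versions, scores and SLA thresholds are constructed for illustration and are not from the report.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    """One advisory matched against one host (constructed input, not real scan data)."""
    host: str
    package: str
    installed: str        # version currently deployed
    fixed: str            # first version that closes the advisory
    cvss: float           # CVSS base score, 0.0 to 10.0
    exploited: bool       # advisory appears on a known-exploited list
    internet_facing: bool
    business_critical: bool


def parse_version(v: str) -> tuple:
    """Turn '3.0.9' into (3, 0, 9) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in v.split("."))


def is_vulnerable(f: Finding) -> bool:
    """The finding is open only while the installed version is below the fixed one."""
    return parse_version(f.installed) < parse_version(f.fixed)


def risk_score(f: Finding) -> float:
    """CVSS base score plus exposure weights (weights are illustrative assumptions)."""
    score = f.cvss
    if f.exploited:
        score += 5.0   # proof of exploitation in the wild outweighs any theoretical severity
    if f.internet_facing:
        score += 3.0   # reachable without an existing foothold
    if f.business_critical:
        score += 2.0   # downtime here is the costly kind
    return score


def sla_days(score: float) -> int:
    """Map a risk score to a patch deadline in days (illustrative policy, not HDI's)."""
    if score >= 15.0:
        return 1
    if score >= 10.0:
        return 7
    if score >= 7.0:
        return 30
    return 90


def prioritise(findings: list) -> list:
    """Return (host, package, score, deadline_days) for open findings, riskiest first."""
    open_findings = [f for f in findings if is_vulnerable(f)]
    ranked = sorted(open_findings, key=risk_score, reverse=True)
    return [
        (f.host, f.package, round(risk_score(f), 1), sla_days(risk_score(f)))
        for f in ranked
    ]


# Constructed sample inventory; every value here is made up for the example.
SAMPLE = [
    Finding("web01", "openssl", "3.0.8", "3.0.9", 7.5, True, True, True),
    Finding("erp01", "java-runtime", "17.0.5", "17.0.8", 9.8, False, False, True),
    Finding("dev03", "curl", "8.1.0", "8.1.2", 5.3, False, False, False),
    Finding("web02", "openssl", "3.0.9", "3.0.9", 7.5, True, True, True),  # already patched
    Finding("hr01", "libxml2", "2.10.3", "2.11.0", 6.5, False, True, False),
]

if __name__ == "__main__":
    for host, package, score, days in prioritise(SAMPLE):
        print(f"{host:6} {package:14} score={score:5.1f}  patch within {days} day(s)")
```

Note that a medium-severity CVSS 7.5 on an exposed, actively exploited, business-critical host outranks a CVSS 9.8 on an internal system; ranking by CVSS alone would invert that order.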
As remote work expands corporate digital footprints, the attack surface grows and companies become more exposed to attacks such as DDoS. Bartolini notes that professional IT measures, including network segmentation, endpoint detection and response (EDR), security information and event management (SIEM), and a security operations centre (SOC), enable early detection and isolation of compromised systems. Enforcing least-privilege access rights further limits the damage a single compromised account or device can cause.
Third-party and supply chain risks are another growing concern. ENISA reports that supply chain attacks account for more than ten percent of documented threats, with vulnerabilities in software repositories and third-party providers causing widespread incidents across Europe. Bartolini advises adding cybersecurity clauses to contracts, requiring proof of security standards from partners, and conducting joint infrastructure testing to mitigate these risks.
Despite preventative efforts, total protection is impossible, making preparation for emergencies critical. ENISA data indicates that the average operational downtime following a cyberattack is 4.2 days, rising to 5.5 days for small businesses. Regular backups and tested recovery plans are essential to minimise downtime and data loss.
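The paragraph above says recovery plans must be tested, and the usual failure is a backup that was written but never restored. The following is an added example, not code from HDI Global or the report, that shows the minimum a restore test should do: record a SHA-256 manifest when the backup is taken, later restore the backup into a fresh location, and compare every restored file against the manifest so silent corruption or a missing file is caught before the real emergency. The file tree, paths and the simulated corruption are constructed for the demonstration.

```python
import hashlib
import json
import shutil
import tempfile
from pathlib import Path

MANIFEST = "manifest.json"   # name of the integrity manifest stored inside the backup


def sha256_file(path: Path) -> str:
    """Stream the file so large backups do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def make_backup(src: Path, dest: Path) -> dict:
    """Copy src to dest and record a hash for every file before anything can go wrong."""
    shutil.copytree(src, dest)
    manifest = {
        str(p.relative_to(dest)).replace("\\", "/"): sha256_file(p)
        for p in sorted(dest.rglob("*"))
        if p.is_file()
    }
    (dest / MANIFEST).write_text(json.dumps(manifest, indent=2))
    return manifest


def restore_and_verify(backup: Path, target: Path) -> tuple:
    """Restore into target, then check each restored file against the manifest.

    Returns (ok, problems). This is the test the article calls for: a backup that
    has never been restored is an assumption, not a recovery plan.
    """
    manifest = json.loads((backup / MANIFEST).read_text())
    shutil.copytree(backup, target, ignore=shutil.ignore_patterns(MANIFEST))
    problems = []
    for rel, expected in manifest.items():
        restored = target / rel
        if not restored.is_file():
            problems.append(f"missing: {rel}")
        elif sha256_file(restored) != expected:
            problems.append(f"corrupt: {rel}")
    return (not problems), problems


def demo() -> dict:
    """Constructed run: a clean restore passes, then one backed-up file is
    corrupted in place and the restore test reports it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        src = root / "live"
        (src / "docs").mkdir(parents=True)
        (src / "docs" / "plan.txt").write_text("recovery plan v3\n")
        (src / "config.ini").write_text("[db]\nhost=db01\n")

        backup = root / "backup"
        make_backup(src, backup)
        clean_ok, _ = restore_and_verify(backup, root / "restore1")

        # Simulate silent corruption of the backup media after the manifest was written.
        (backup / "docs" / "plan.txt").write_text("recovery plan v3 (corrupted)\n")
        tampered_ok, problems = restore_and_verify(backup, root / "restore2")

        return {"clean_ok": clean_ok, "tampered_ok": tampered_ok, "problems": problems}


if __name__ == "__main__":
    print(demo())
```

In production the manifest would be signed or stored separately from the backup so that whoever can alter the backup cannot also rewrite the hashes, and the restore target would be an isolated environment where the application is actually started, not just a directory comparison.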
HDI Global notes that companies with robust security measures resume operations around 36 hours faster and incur approximately 10 percent lower costs per incident. Leading insurers are increasingly acting as partners in digital transformation, providing tailored consulting and comprehensive products that strengthen both resilience and insurability.
Bartolini concluded that proactive, holistic risk management is no longer optional. Prevention, continuous training, and strategic technical measures form the foundation of sustainable cyber resilience, offering organisations the best chance of avoiding costly disruptions in an increasingly complex threat landscape.