Nov 14, 2025

Most security incidents are preventable, yet leaders aren’t taking proactive steps to mitigate risk (Image credit: Getty Images) The majority (92%) of enterprises that fell victim to a security breach believe more robust cyber hygiene practices could’ve prevented disaster, according to new research. In a new study from Swimlane, more than half (52%) of organizations said their “greatest weakness” lies in human mistakes, underlining the need for better employee training and awareness. Yet despite this, efforts to improve cyber hygiene are still often overlooked by leadership, with just 32% of respondents noting that hygiene and resilience rank high on C-suite priority lists. Boost password security and keep your business safe with NordPass B2B. <p><a href="https://go.nordpass.io/aff_c?offer_id=754&aff_id=3013&url_id=31981" target="_blank">Catch the price drop today to get 30% OFF for Enterprise and Business plans This, the study noted, suggests leaders continue to “underestimate how much fundamentals drive overall risk reduction”. “The fundamentals of security shouldn’t be the hardest part, but they remain the weakest link,” said Michael Lyborg, CISO at Swimlane. “Too many teams treat hygiene as a checklist instead of a living process. Intelligent automation makes it continuous, measurable, and built-in, turning resilience from a goal into a deliverable outcome.” Most cyber slip-ups are preventable According to Swimlane, most cybersecurity incidents are still preventable, highlighting continued failings on the part of both leadership and broader workforces. Get the ITPro daily newsletter Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. Two-thirds of organizations said they faced an incident in the past year, yet just 15% self-identified as having “mature” cyber hygiene practices. Businesses are beginning to take proactive steps to mitigate risks, however. Just over two-thirds (67%) said they now audit user access privileges on a quarterly basis – although Swimlane hinted that this cadence could be improved. A serious cause for concern flagged by the study centered around security practices with vendors and suppliers. More than half of enterprises admitted they fail to "continuously assess” vendor and supplier security after onboarding, a practice that needs to be addressed given surging supply chain security risks. According to the study, turning to AI tools could help bridge gaps here. An overwhelming majority of respondents (84%) said AI can help enhance cyber hygiene by automating processes. “Cyber resilience depends on operational discipline as much as technological sophistication,” said Cody Cornell, co-founder and CEO at Swimlane. We’re at a turning point where agentic AI can finally make the fundamentals automatic. The organizations that embed AI agents into daily automated workflows will transform hygiene from a persistent challenge into a lasting competitive advantage.” Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews. MORE FROM ITPRO