Why insider risk is becoming a defining issue for HR

When organisations discuss data breaches, the focus often falls on external cyber threats. However, many of the most serious incidents originate internally. ICO statistics for 2025 show that 75 per cent of personal data breaches arise from non-cyber incidents – defined as breaches that do not have a clear online or technological element involving a third party with malicious intent. The most common type of incident was data emailed to the wrong recipient, accounting for 18 per cent of the total reportable incidents.

Read the full article Bryony Long wrote for People Management here.