Global study reveals alert fatigue and process gaps are driving high-impact attacks across industries
Palo Alto Networks has released the 2025 Unit 42 Global Incident Response Report: Social Engineering Edition, highlighting how identity-driven attacks are circumventing advanced security controls by exploiting people, processes, and operational fatigue. The report draws on 700 real-world investigations across 49 countries, revealing that 13% of social engineering incidents stemmed from ignored alerts and 60% led to data exposure, making it one of today’s most damaging cyber threats.
“Attackers are exploiting identity gaps and process fatigue, bypassing even advanced technical controls. Awareness and Zero Trust practices must go hand-in-hand with technology to stay ahead.”
– Swapna Bapat, VP & MD, India & SAARC, Palo Alto Networks
The report identifies two dominant attack playbooks: high-touch compromise, where attackers impersonate employees or IT staff to bypass authentication, and at-scale deception, which leverages SEO poisoning, malvertising, and fake prompts to trick users. The rise of Generative AI amplifies these tactics, enabling attackers to create tailored lures, voice clones, and automate campaigns end-to-end.
Key findings include:
- 66% of attacks targeted privileged accounts, increasing potential impact
- Credential recovery mechanisms, such as IT help desk resets, were commonly exploited to bypass MFA
- 10% of incidents involved missing or misconfigured MFA protections
- Manufacturing faced the highest rate of data exposure (15%), followed by professional services and retail
The study underscores that technical upgrades alone are insufficient. “India’s pace of digital adoption is extraordinary, and with that comes a unique challenge. Attackers are leveraging process gaps and identity blind spots alongside conventional technical flaws. Addressing this requires making security second nature across teams,” said Swapna Bapat, VP & MD, India & SAARC, Palo Alto Networks.
The report recommends Zero Trust principles, correlation of identity signals with Identity Threat Detection and Response (ITDR), deployment of User and Entity Behavior Analytics (UEBA), hardening recovery workflows, and running live simulations to strengthen organizational awareness.
Palo Alto Networks, trusted by over 70,000 organizations globally, continues to drive AI-powered cybersecurity solutions across networks, cloud, and operations, leveraging the expertise of Unit 42 to ensure protection keeps pace with innovation.
