Digital Safety

And the Clock Is Already Running.

Digital Safety Series | Post 1 of 5: Digital Safety for the Modern Professional

In March 2025, a finance director at a multinational firm in Singapore joined what appeared to be a routine Zoom call with senior leadership. The CFO was on screen. Other executives appeared. Everyone looked right. Everyone sounded right. The finance director listened to an urgent request for a fund transfer and authorized it.

There was one problem.

None of those executives were real. Every face on that video call was a deepfake. Every voice was AI-generated using publicly available media of the actual executives. By the time the company discovered the fraud, $499,000 had vanished into criminal accounts. This is not a cautionary tale about the future. It happened just last year.

This incident is part of a documented surge. The FBI’s 2024 Internet Crime Report, released in April 2025, recorded 21,442 Business Email Compromise complaints totaling $2.77 billion in losses, and that figure covers only what was reported to IC3. Total cybercrime losses across all categories hit $16.6 billion in 2024 alone, a 33 percent increase over 2023 and the highest total the FBI has ever recorded.

We are living through a fundamental shift in the cybersecurity landscape. The threat is no longer contained to networks and servers. It lives in our inboxes, our voicemails, our smart devices, and the split-second decisions we make dozens of times a day. Yet most people, including many seasoned professionals, still treat digital safety as someone else’s problem.

That assumption is now a liability.

“The human layer is the most targeted layer in cybersecurity. And right now, it is also the least prepared.”

The Numbers Behind the Shift

The scale of this problem deserves to be stated plainly, not buried in a footnote. These are not projections or estimates about the future. They are the documented reality of 2025. IBM’s 2025 Cost of a Data Breach Report, now in its 20th year and covering 600 organizations across 17 industries globally, puts the average cost of a single breach at $4.44 million worldwide.

For U.S. organizations, that number hit an all-time high of $10.22 million, a 9 percent increase over the prior year, fueled by higher regulatory fines and slower detection (IBM Cost of a Data Breach Report, 2025). Healthcare remains the most expensive sector for the 14th consecutive year, at $7.42 million per breach on average.

Here is the detail that should stop every leader in their tracks: Verizon’s 2025 Data Breach Investigations Report, which analyzed over 22,000 security incidents, found that 60 percent of all confirmed breaches involved a human element. Not a technical exploit. Not a software vulnerability. A person. A click. A moment of misplaced trust. Phishing was the leading root cause, appearing in 16 percent of breaches, while stolen credentials were the dominant initial access vector at 22 percent (Verizon DBIR, 2025).

Ransomware now appears in 44 percent of all breaches, up sharply from 32 percent the year prior (Verizon DBIR, 2025). And AI is reshaping the attack surface in real time: IBM found that 1 in 6 breaches in 2025 involved attackers using AI, most commonly to power phishing campaigns and deepfake impersonation (IBM Cost of a Data Breach Report, 2025). Generative AI now allows an adversary to craft a convincing, hyper-personalized deception in minutes. The bar for a believable attack has never been lower.

The problem is not that people are careless. The problem is that they were never given the tools to be careful in the first place.

Why Financial Literacy Shows Us the Way Forward

Think back to the 1980s. The concept of widespread financial literacy barely existed. Compound interest, credit scores, retirement planning: these were subjects left to specialists, assumed to be beyond the average person’s need or capacity to understand. The consequences played out across generations, in mountains of personal debt and systemic economic inequality.

Over decades, the consensus shifted. Society recognized that financial decision-making was unavoidable, and that people without foundational knowledge made worse decisions with worse outcomes. Today, financial literacy is embedded in school curricula, employee onboarding programs, and public policy. It is treated as a civic right.

Digital safety is following the same arc. The difference is the speed. Financial systems evolved over centuries. Digital technology has reshaped society in under 30 years. Threat actors iterate in hours, not decades.

We cannot afford to wait another generation to normalize digital safety literacy. The runway is shorter. The stakes are higher. And the opportunity, for those of us in this field, is extraordinary.

“A single breach now costs U.S. organizations $10.22 million on average. The most effective countermeasure is not a tool. It is an informed human being.”

What a Life Skill Actually Looks Like

Reframing digital safety as a life skill does not mean expecting everyone to earn a CISSP. It means building the kind of baseline digital judgment that becomes second nature, the same way we buckle a seatbelt or check a bank statement.

In practice, it looks like this:

• Pausing before acting on any message that creates urgency, requests payment, or asks for credentials, regardless of who appears to be sending it.
• Understanding that the convenience of a shared password or an unverified app is not free. Someone else is collecting the cost.
• Knowing what data you are generating, where it is going, and who profits from it. An estimated 4,000 data broker companies currently trade in personal information, often without the knowledge of the people whose data they sell (Privacy Rights Clearinghouse, 2024).
• Modeling visible skepticism as a leadership behavior, because culture flows from the top, and teams replicate what they see their leaders do.

None of these habits require a technical background. They require awareness, practice, and a community that reinforces the right behaviors. That is precisely what The Cyber Guild is built to provide.

The Equity Dimension We Cannot Ignore

There is a dimension of this conversation that the cybersecurity industry has been too slow to name directly: digital safety is an equity issue.

Communities that have been historically underrepresented in technology are also disproportionately targeted by digital threats. They often have less access to enterprise-grade security tools, fewer organizational resources to recover from incidents, and less representation in the rooms where security policy is made. The protection gap is measurable: a 2024 Security.org survey found that only 36 percent of American adults use a password manager, and a 2024 Bitwarden survey found that 23 percent of U.S. employees use no form of two-factor authentication at work, two of the simplest and most effective defenses available.

Building digital safety as a true life skill means ensuring that the knowledge and tools to stay safe are not reserved for those who already sit inside well-resourced organizations. It means developing leaders from every background who can shape the future of this field, because a cybersecurity profession that reflects the full breadth of human experience will build defenses that protect all of us.

The Cyber Guild exists at that intersection.

Start Here

Before the next post, we want to leave you with one action that costs nothing and takes under three minutes.

Have one conversation about digital safety with someone outside the security function this week. A colleague from finance or operations. A family member. Someone you mentor. Do not make it a lecture. Ask them what they worry about online. Share one thing that surprised you in this post.

Research consistently shows that peer-to-peer knowledge sharing is one of the most effective ways to shift organizational culture around security behaviors. You do not need a budget or a program. You need a conversation.

Digital safety becomes a life skill the same way all life skills do: one person, one moment, one decision at a time. We are glad you are here. And we are looking forward to what we build together.

---

About This Series: Digital Safety for the Modern Professional is a five-part content series from The Cyber Guild, a community dedicated to cybersecurity leadership, cross-sector collaboration, and building an inclusive workforce prepared for the challenges ahead. Follow SaferShift for more insights on Digital Safety from Tiziana Barrow.

Are you interested in getting involved with The Cyber Guild? Join our mailing list to hear about upcoming events, opportunities, and insider news.