Key Takeaways
• Cybercriminals are shifting from phishing to manipulating people through social engineering, deepfakes, and identity deception.
• 90% of cyber incidents involve human error, making human-centric security training and MDR essential.
• MDR/XDR detects psychological and behavioural attack patterns in real time.
• SOC-as-a-Service provides continuous visibility and human oversight across digital channels.
Introduction
Phishing emails may still dominate the headlines, but they’re just one piece of a much bigger problem. Cybercriminals have evolved beyond traditional scams, targeting people rather than systems. These ‘human-centric’ cyber threats exploit psychology, trust, and behaviour to bypass even the best technology defences.
In the last 12 months, phishing attacks have remained the most prevalent and disruptive type of breach or attack, experienced by 85% of businesses and 86% of charities in the United Kingdom. Mr. Farooq Zafar, cybersecurity consultant, said in a conference, “In cybersecurity, your greatest asset, people, can also be your biggest risk.”
Fortray, a leading Managed Services Provider (MSP) in the UK, helps businesses stay ahead of these attacks through MDR/XDR and SOC, combining AI, automation, and human expertise to protect what technology alone can’t!
The Shift from Traditional Phishing to Human-Centric Cyber Threats
What Traditional Phishing Looked Like?
Classic phishing relied on fake emails, deceptive links, and spoofed brands. The cyber attackers tricked users into revealing credentials or downloading malware. While still dangerous, these attacks are now easy to detect with modern spam filters and endpoint protection.
The Rise of ‘Human-Centric’ Threats
Today’s cybercriminals target human behaviour, not just systems! They manipulate trust, emotion, and authority using advanced methods like deepfakes, voice cloning, and social engineering. The UK Cyber Security Breaches Survey 2025 states that 90% of breaches involve human error, not technical flaws.
Why Humans Are Now the Primary Target?
Businesses are now adopting hybrid work, cloud apps, and digital collaboration, so attackers exploit these touchpoints. Employees, contractors, and even executives are prime entry points, especially through social networks and business communication platforms.
Recommended Reading: Cyber Talk with Mr. Farooq Zafar, IT Cybersecurity Consultant
The New Generation of Human-Centric Cyber Threats
Business Email Compromise (BEC)
BEC scams employ impersonation and social engineering tactics to deceive employees into transferring funds or disclosing sensitive information. Modern BEC attacks are highly personalised, leveraging stolen data and AI-generated communications to appear legitimate.
Deepfake and Voice Phishing (Vishing)
Attackers now use AI voice cloning and video deepfakes to impersonate CEOs, suppliers, or partners. In 2019, a UK-based energy firm lost over £220,000 after an employee followed voice instructions believed to be from an executive. SOC-as-a-Service continuously monitors behavioural anomalies to detect and stop such targeted impersonation attacks.
Social Media Engineering
Cybercriminals mine LinkedIn, X (Twitter), and other platforms to build psychological profiles. They craft believable narratives, connect professionally, and eventually deliver malicious links disguised as business documents or proposals.
Insider Threats and Privilege Misuse
Not all threats come from outside! Disgruntled employees, contractors, or third-party vendors may intentionally or unintentionally expose systems to risk. Managed Detection and Response (MDR) identifies abnormal user activity using AI-powered behavioural analytics.
Ransomware via Social Engineering
Modern ransomware often starts with human deception, not technical exploitation. Attackers convince users to disable antivirus software or approve malicious downloads, leading to widespread network compromise. MDR platform integrates automated isolation to contain such threats instantly.
Why Traditional Cyber Defences Aren’t Enough?
Limited Visibility
Legacy firewalls and EDR tools focus on endpoints, not users. They miss the subtle psychological manipulations that start human-centric attacks.
Overwhelmed Security Teams
The average organisation in the United Kingdom receives over 11,000 security alerts daily. Without automation and correlation, most teams can’t prioritise real threats.
Reactive, Not Predictive
Older solutions only respond after compromise. Modern cybersecurity must predict, detect, and adapt in real time. This is something achievable only with MDR/XDR and SOC-as-a-Service.
Recommended Reading: Strengthening Your IT Resilience in 2026 & Beyond
How Managed Security Services Counter Human-Centric Threats?
AI-Driven Detection and Threat Intelligence
MDR/XDR platform integrates AI threat correlation and global intelligence feeds to detect emerging attack patterns before they escalate. It automatically links human actions with digital anomalies, detecting phishing, vishing, and deepfake indicators.
Behavioural Analytics and User Monitoring
By analysing user habits and access behaviour, Fortray identifies unusual login times, location anomalies, or suspicious data downloads. This proactive approach enables early containment before damage occurs.
24/7 Monitoring via SOC-as-a-Service
SOC-as-a-Service offers continuous monitoring from UK-based analysts. Using machine learning, automation, and incident playbooks, the SOC neutralises threats across endpoints, cloud apps, and user activity — round the clock.
Employee Awareness and Simulation Training
Technology alone isn’t enough! Fortray helps businesses run phishing simulations and awareness programs to strengthen their first line of defence, employees.
Rapid Incident Response and Recovery
Once a breach occurs, MDR/XDR and SOC systems respond instantly; isolating systems, performing forensics, and restoring operations with minimal downtime.
“Human-centric threats demand human-centric defence — combining AI precision with expert judgment,” cybersecurity consultant at Fortray, said.
Recommended Reading: What is XDR? The Evolution from EDR and Why Your Business Needs It
Real World Examples
In early 2025, the UK saw a chilling reminder of how powerful human-centric cyber threats can be. Three household names, M&S, Co-op, and Harrods, all found themselves under attack within weeks of each other.
M&S Ransomware Attack
It started quietly at M&S, with cybercriminals slipping into the company’s network unnoticed. For weeks, no one realised that hackers were slowly collecting login data and mapping the system from within. Then, one morning in April, everything stopped. The web orders froze, systems went dark, and the DragonForce ransomware had locked up critical servers!
The impact? Estimated £3.8 million loss per day, plus £500 million wiped off stock market value. It was a whole season lost for M&S!
The Co-op Data Breach
In Co-op, it wasn’t malware, it was manipulation! A well-crafted social engineering email convinced an employee to reset a password for what they thought was an IT request. That one moment of misplaced trust gave attackers the keys to the membership database. The names, contacts, and personal information of 6.5 million customers were suddenly in the wrong hands!
The impact? £206m lostin revenue, and the operating profit was hit by £80m in the first half of its financial year. It now estimates a £120m hit to full-year profits as a result of the cyber-attack.
Harrods Attempted Breach
The luxury department store, Harrods, has been contacted by hackers after data relating to 430,000 customer records was stolen in an IT breach. They detected a suspicious intrusion attempt and immediately restricted network access. This proactive move blocked attackers before major disruption occurred, showing the importance of rapid response and monitoring.
Just recently, Jaguar Land Rover (JLR) cyber-attack caused UK car production to hit a 70-year low for September 2025; costing an estimated £1.9bn in revenue.
These cases prove that phishing and social engineering are evolving into multi-stage, data-driven attacks, targeting people first, systems later! Only continuous monitoring, behavioural analytics, and expert human oversight can prevent similar crises before they escalate.
How UK Businesses Can Strengthen Human-Centric Cyber Resilience?
1: Adopt Managed Detection and Response (MDR) to unify threat visibility and automated containment.
2: Integrate SOC-as-a-Service for 24/7 monitoring by cybersecurity specialists.
3: Conduct regular phishing and vishing simulations to build employee awareness.
4: Enforce multi-factor authentication (MFA) and identity verification protocols.
5: Leverage AI analytics to monitor behavioural anomalies across users and endpoints.
Recommended Reading: Is Your MSP Future-Ready? Checklist for 2025 Tech Trends & Compliance
Conclusion
Technology alone cannot outsmart human deception! In today’s landscape, where trust can be faked and authority can be imitated, human-centric cybersecurity is the new frontier. MDR/XDR and SOC solutions give businesses the tools, intelligence, and expertise to stay one step ahead, protecting not just networks, but people!
Talk to our IT Security Experts Today and build a future-ready, human-aware cybersecurity framework!
Frequently Asked Questions (FAQs)
They are attacks that exploit human behaviour, trust, and emotion, not just technology, including phishing, social engineering, and deepfakes.
Phishing now includes AI-generated emails, voice cloning, and video impersonation, making it harder to detect with traditional tools.
By adopting Managed Detection and Response and running continuous awareness training, SMEs gain enterprise-grade protection at a manageable cost.
It provides 24/7 monitoring, threat correlation, and rapid incident response, essential for detecting complex, human-driven cyber threats.
Fortray combines AI-powered detection, UK-based SOC teams, and tailored MDR/XDR solutions to secure your business against phishing and human-centric cyber risks.
