Raising awareness to protect: the human link in enterprise cybersecurity

Despite having advanced technological defenses in place, the human factor remains the Achilles' heel for many organizations. According to recent studies, up to 95% of data breaches are related to human error—from phishing, password mismanagement, to credential misuse—while 74% of organizations acknowledge having suffered security incidents directly attributable to their employees' internal behavior.

At Onistec, in partnership with Whalemate, we address this challenge from the ground up: without conscious and skilled teams, no technological solution reaches its full potential. Whalemate redefines prevention with a platform that integrates gamification, neuroscience, and behavioral analytics to transform learning into real action.

Why does a human-centric strategy work?

1.       Realistic and recurring simulation

Whalemate recreates phishing, whaling, and other attack scenarios with psychological accuracy, revealing frequent risk patterns.

2.      Contextualized and personalized training

Based on actual team errors, not generic training; This improves retention and reduces the repetition of unsafe behaviors.

3.      Actionable metrics

Get risk scores per user, evolution of awareness level and trends in common failures – measuring is moving forward.

Verifiable impact:

• Up to 95% avoidable breaches if human error is corrected.

•  30% of attacks are initiated via phishing, which is already the leading cause of incidents.

• In the financial sector, for example, up to 23% of incidents are directly linked to internal failures or oversights.

  
  

From isolated training to culture change

Companies that activate continuous awareness campaigns (not just one-off workshops) manage to reduce human risk in a sustained way. With Whalemate, micro-lessons, nudges, and frequent simulations build a self-sustaining safety culture, where every employee becomes a key player in organizational defense.