According to this article https://www.thefastmode.com/expert-opinion/39418-why-did-clicks-on-phishing-links-in-the-workplace-triple-in-2024 clicks on Phising Links in the Workplace tripled in 2024.

In this article they discusses some of the main threats organizations has been exposed to in 2024.

In conclusion they find organisations should consider the following:

- Ensure the ability to inspect all HTTP and HTTPS web and cloud traffic for
 phishing, trojans, malware and other malicious content.
- Inspect risky file types such as executables and archives using static and 
dynamic analysis.
- Block access to apps that do not serve any legitimate business purpose.
- Block downloads and uploads from apps and instances where they are not 
strictly necessary.
- Use data protection policies to detect and block when sensitive and regulated 
data are being sent where they shouldn’t go.
- Identify and block malicious traffic patterns, such as command and control 
traffic associated with prevalent malware.
- Analyse behaviours to help identify less obvious threats, such as compromised 
devices, accounts and insider threats.
- Shield users and devices when they need to visit websites that may be higher 
risk, for example using technologies such as Remote Browser Isolation.