Email remains organizations' most serious cybersecurity threat

Cybersecurity expert Robert Herjavec reports email remains the top attack vector, with 85% of ransomware incidents originating from email or multi-factor authentication breaches as of March 2026. Despite AI’s growing role in accelerating cyber threats, traditional email-based attacks dominate organizational risks, according to Herjavec’s analysis during a HIMSS TV interview. Healthcare and enterprise sectors face persistent vulnerabilities, with phishing and credential theft via email outpacing more sophisticated AI-driven attack methods in frequency and impact. Herjavec’s data underscores a critical gap in cybersecurity strategies, as organizations prioritize AI defenses while neglecting foundational protections like email filtering and MFA hardening. The findings highlight an urgent need for balanced security investments, combining AI threat detection with reinforced email protocols to mitigate the most common and costly breach pathways.