Human risk factors: cybersecurity’s weak spot

2025-08-07

More than three quarters of security breaches result from human behaviour. But as an industry, we focus far more on technical security measures, than on the human element. Human risk management sets out to change this. Its proponents aruge that by measuring what people do on networks and systems, we create a much clearer picture of risk. In fact, they say, the risks posed by people should be on the business' risk register. And it's only with that picture that we can implement the controls,...

More than three quarters of security breaches result from human behaviour.

But as an industry, we focus far more on technical security measures, than on the human element.

Human risk management sets out to change this. Its proponents aruge that by measuring what people do on networks and systems, we create a much clearer picture of risk.

In fact, they say, the risks posed by people should be on the business' risk register.

And it's only with that picture that we can implement the controls, and measures such as security awareness and training. But human risk management goes far beyond anti-phishing campaigns.

Our guest is Ashley Rose, co-founder and CEO of Living Security.

With a background in both marketing and psychology, she’s setting out to help organisations move away from focusing on devices, and to a human-centric view of security.

Comments (3)