As 2021 gets underway, there has been significant elevation not only in the influence and importance of cybersecurity, but also in the human element of security. For example, human error is now recognized as a key contributor to the overall risk profile of an organization.
Unfortunately, as an industry, we're still struggling to manage this risk.
For years now, CISOs have done a remarkable job of training users to understand security risks by purchasing solutions with extensive content libraries, administrative features, and assessments measuring all manner of user failures. But this focus on creating awareness falls short of changing long-lasting behavior. And CISOs know they need to shift focus to humans on the receiving end of these programs.
Many are also acutely aware that organizations with strong security cultures have employees who are educated, enabled and enthusiastic about their personal cybersafety and that of their employer.