Jacques Botes
29% of data breaches are caused by human error. How can organisations work to prevent this and create a culture of security?
Australian businesses are projected to spend $6.2 billion on security and risk management in 2025. Organisations often set up complicated infrastructures and firewalls, yet seem to forget you’re only as strong as your weakest link.
And what is the weakest link in the security chain? People. Read on to learn how you can turn your weakest link into your strongest line of defence.
Analysing the Notifiable Data Breaches Report from July to December 2024 reveals that human error was a large contributor to data breaches, accounting for 170 of the notifications. These breaches, often resulting from unauthorised disclosures or the mishandling of personal information, make up 29% of the reported incidents, a 10% increase from the preceding period. This trend is not confined to Australia alone. Internationally, the number of data breaches caused by human error increases to 95%.
Looking ahead, this trend is expected to grow, due to the exponential growth of AI in workplaces. As Generative and Agentic AI tools continue to gain popularity without accompanying organisational AI policies, the likelihood of employees inadvertently exposing sensitive data through these technologies only grows.
There are several key strategies you can put in place in your organisation:
Put the necessary controls and policies in place: encryption, awareness training, and software updates, to name a few.
Make both IT teams and business users accountable for ensuring that access management is reviewed.
When a staff member leaves, proactively review and revoke access to all systems.
Create a process to regularly review access to systems every 6 months, not only when staff leave.
Don’t forget that this process extends to contractors, vendors and anybody that has access to your company data.
Create an incident response plan and test it with staff through various scenarios and practical examples.
Hold regularly scheduled staff training and awareness sessions. Keep them clear and concise, but don’t overdo it, as this can cause fatigue.
Ideate and enforce a clear AI policy and communicate that with your staff. Create capabilities and guardrails for your staff to explore and use AI in a safe way.
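The access-management steps above (revoke access when staff leave, review access every 6 months, and include contractors and vendors in that review) come down to reconciling who currently has access against who should. The script below is an added example, not part of the original article: it joins a constructed HR roster with a constructed access export and flags grants held by departed people, grants whose last review is older than 6 months, and grants for identities that appear in no roster at all (typically vendor or service accounts nobody owns). The data, field names and the 182-day threshold are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Constructed sample roster (assumed HR export, not real data).
ROSTER = {
    "alice": {"status": "active", "type": "employee"},
    "bob": {"status": "departed", "type": "employee"},
    "carol": {"status": "active", "type": "contractor"},
}

# Constructed sample access export (assumed shape: one row per user/system grant).
ACCESS_GRANTS = [
    {"user": "alice", "system": "crm", "last_reviewed": date(2025, 1, 10)},
    {"user": "bob", "system": "payroll", "last_reviewed": date(2025, 3, 1)},
    {"user": "carol", "system": "fileshare", "last_reviewed": date(2024, 6, 1)},
    {"user": "vendor-svc", "system": "fileshare", "last_reviewed": date(2025, 5, 1)},
]


@dataclass(frozen=True)
class Finding:
    user: str
    system: str
    issue: str  # one of: departed_user, not_in_roster, review_overdue


def review_access(roster, grants, today, max_review_age_days=182):
    """Reconcile access grants against the roster and return findings.

    A grant can produce two findings (e.g. a departed user whose review is
    also overdue); callers should treat every finding as an action item.
    """
    findings = []
    stale_before = today - timedelta(days=max_review_age_days)
    for g in grants:
        person = roster.get(g["user"])
        if person is None:
            # Nobody in HR owns this identity: contractor/vendor/service account
            # that the review process must still cover.
            findings.append(Finding(g["user"], g["system"], "not_in_roster"))
        elif person["status"] != "active":
            # Leaver still holds access: should have been revoked at offboarding.
            findings.append(Finding(g["user"], g["system"], "departed_user"))
        if g["last_reviewed"] < stale_before:
            # Outside the 6-month review window.
            findings.append(Finding(g["user"], g["system"], "review_overdue"))
    return findings


def summarize(findings):
    """Count findings per issue type, for a quick report to system owners."""
    counts = {}
    for f in findings:
        counts[f.issue] = counts.get(f.issue, 0) + 1
    return counts


def sample_review(today=date(2025, 6, 1)):
    """Run the review over the constructed data; returns sorted (user, issue) pairs."""
    return sorted((f.user, f.issue) for f in review_access(ROSTER, ACCESS_GRANTS, today))


if __name__ == "__main__":
    results = review_access(ROSTER, ACCESS_GRANTS, date(2025, 6, 1))
    for f in results:
        print(f"{f.issue:15} {f.user:12} {f.system}")
    print(summarize(results))
```

Run against real exports, the roster would come from HR and the grants from each system's own access listing; the value of the exercise is in the `not_in_roster` bucket as much as the `departed_user` one, because those are the identities a staff-only review never sees.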
Beyond policies and procedures, sustainable cybersecurity requires embedding security awareness into your organisation's DNA. This means moving from a compliance-based approach to creating an environment where security becomes second nature.
Start by making security everyone's responsibility, not just IT's domain.
Recognise and reward employees who identify potential threats or follow security protocols correctly.
Share success stories of prevented incidents to demonstrate the value of vigilance.
Consider appointing security champions across different departments who can serve as local advocates and first points of contact for security concerns.
Finally, and perhaps most importantly, leadership visibility is crucial. When senior leadership actively participates in security training and openly discusses security priorities, it signals to the entire organisation that cybersecurity is a business imperative, not just a technical requirement. This cultural shift is what transforms your workforce from the weakest link into your strongest defence.
As businesses navigate the complexities of modern cybersecurity, recognising the human role is crucial to remaining secure. The data underscores a pressing need to invest in your staff so that the investment in your security frameworks is not for naught. Through a combination of technical safeguards, access management, incident planning, structured training, and well-defined AI policies, organisations can fortify their cybersecurity posture. You can transform human weaknesses into strengths, clearing the way for a secure future for your business.
Want to learn more? Talk to us about how to implement people-first cybersecurity practices in your organisation.