• The human paradox at the center of modern cyber resilience

    From TechnologyDaily@1337:1/100 to All on Fri Jan 23 15:00:08 2026
    The human paradox at the center of modern cyber resilience

    Date:
    Fri, 23 Jan 2026 14:56:52 +0000

    Description:
    Human workers are key to preventing cyberattacks and operating alongside AI
    to enhance cyber resilience.

    FULL STORY ======================================================================

    Cybersecurity headlines continue to be punctuated by high-profile, highly disruptive breaches. In fact, 2025 has already seen some of the most damaging incidents on record, with organizations such as M&S and Co-Op suffering severe and costly disruption.

    If the estimated 100 million-plus cost to M&S wasn't bad enough, it was eclipsed by the incident at JLR, widely reported as the most expensive cyber incident in UK history, its overall economic impact estimated at 1.9 billion.

    These and other incidents expose one of cybersecurity's most enduring paradoxes: humans are both the strongest and weakest links in the chain. M&S has publicly stated that its breach was a result of human error. While the jury is still out at JLR, speculation points towards a credentials compromise, a classic social engineering tactic.

    At the same time, employees are also the bedrock of effective cyber resilience, with an engaged, well-informed workforce ideally placed to recognize and stop suspicious activity long before it develops into a full-scale incident.

    A bad problem is becoming worse

    The problem for security leaders is that social engineering is still the most effective way to bypass otherwise robust technical controls. The problem is becoming more acute as threat actors increasingly use AI to deliver compelling, personalized, and scalable phishing attacks.

    While many such incidents never reach public attention, an attempt last year to defraud WPP used AI-generated video and voice cloning to impersonate
    senior executives in a highly convincing deepfake meeting.

    Unfortunately, the risks don't end there. Even with strong technical controls and a workforce alert to social engineering tactics, risk also comes from employees who introduce tools, devices or processes that fall outside formal IT governance.

    Widely known as Shadow IT, this behavior often stems from good intentions, with people trying to work faster or collaborate more effectively when the official tools don't meet their needs as well as alternatives they have discovered. The result is security blind spots and data governance risks that continue to cause serious difficulties.

    The list of challenges goes on, with everyday habits such as credential reuse, storing files in unapproved locations, sharing data via consumer apps or using unsecured public Wi-Fi all having the potential to undermine organizational security.

    The need for a cultural shift

    So, where does that leave us? Reducing human risk is not just about eliminating mistakes; it's about creating an environment where secure behavior becomes the default. It's clear, for instance, that tick-box training where people passively click through generic modules just isn't fit for purpose.

    What's needed instead is a shift in both mindset and culture, where employees understand not just what not to do, but why their day-to-day decisions (which tools they trust, how they handle unexpected requests, and when they choose to slow down and double-check something rather than act on instinct) genuinely matter.

    From a leadership perspective, it's much better to foster a culture in which people feel comfortable reporting suspicious activity without fear of blame, rather than an environment where taking the risk feels like the easier option.

    Driven by the frustration that awareness training just doesn't cut it, many organizations have implemented layers of security tooling to close human-centric security gaps. While no one would dispute that tools are essential, they can only go so far, and without a strong culture, their impact is limited.

    Strong culture

    But what does this strong culture look like? Consider this scenario: An employee receives an unexpected email request that looks routine but feels slightly off. Perhaps it's a supplier asking for account details, or a colleague requesting access to documents they don't usually need.

    Instead of acting quickly to avoid delaying work, the employee pauses because the culture has normalized slowing down when something seems unusual.

    They also know exactly how to report or verify because the processes are familiar and straightforward, with no confusion about who to contact or whether they'll be blamed for raising a false alarm.

    A quick check with the security team confirms the request isn't legitimate. The team treats the report as valuable intelligence rather than an inconvenience.

    Leadership acknowledges the employee's actions, reinforcing that thoughtful decisions and early reporting are recognized and valued. The incident becomes a learning example for the wider organization, shared as best practice to help others recognize similar patterns in future.

    The underlying point is that this needs to happen much more often. Get the approach right, and organizations of every size stand a far better chance of staying on course when faced with cyberattacks with the potential to escalate into existential threats.

    This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro



    ======================================================================
    Link to news story: https://www.techradar.com/pro/the-human-paradox-at-the-center-of-modern-cyber-resilience


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)