TECHNOLOGY STRATEGY
celebrate improvements and feel part of a collective defence. When people are engaged, they don’t just complete training, forget about it and move on: they live it in their day-to-day roles.
Q. WHAT HUMAN ERRORS MOST OFTEN LEAD TO BREACHES? HOW CAN THEY BE REDUCED?
» The most common errors are surprisingly simple. Clicking on a phishing link, reusing weak passwords, leaving sensitive documents unattended or joining unsecured Wi-Fi networks are some of the most common.
Social engineering plays a major role. Attackers use tactics like pretexting, baiting and quid pro quo to trick people into sharing information. Tailgating, both digital and physical, is another overlooked risk.
These errors usually stem from lack of awareness or pressure to act quickly, rather than negligence. Reducing them requires a mix of education and culture.
Regular training, phishing simulations and clear procedures help build confidence in spotting suspicious activity. Encouraging and creating a safe space for a ‘stop and check’ mentality is key. Staff should feel comfortable to question unexpected requests or report potential mistakes.
By creating a culture where vigilance is normal and errors are used as learning opportunities, organisations can significantly lower the risk of human-driven breaches.
Q. WITH AI-POWERED PHISHING ON THE RISE, HOW SHOULD AWARENESS TRAINING EVOLVE?
» AI is making phishing attacks more convincing than ever. Emails can now be tailored with context-specific details, and even voice or video deepfakes. Traditional training that relies on spotting poor spelling or formatting is no longer enough. Awareness programmes need to adapt by focusing on behaviours rather than appearances.
248 December 2025