A report from Mastercard reveals that 95% of data breaches result from human error, underscoring the need for organisations to invest in strategies that address the “human factor” of cybersecurity.
“Our team recognises that the human element is both a vital asset and a potential vulnerability within an organisation’s cybersecurity framework,” said Ivanna Granelli, Chief Executive Officer of Can!do Consulting. “While advanced technologies are critical, they must be complemented by continuous education and training to build a culture of cybersecurity awareness.”
The Human Factor in Cybersecurity
Despite substantial investments in cybersecurity technologies, organisations face ongoing risks from human behaviour. Employees, whether inadvertently or maliciously, can become the weakest link in an organisation’s defences. Cognitive biases, convenience-driven shortcuts, and insufficient understanding of security protocols are common culprits that can compromise an otherwise robust security system.
Social engineering tactics, like phishing attacks, exploit these human vulnerabilities by manipulating individuals into revealing sensitive information. According to Can!do Consulting, it’s crucial for businesses to counteract these threats by combining technical safeguards with clear, accessible policies and regular training that fosters a security-first mindset among employees.
“Security policies alone are not enough,” explained Lyndsey Martin, Managing Director of Can!do Consulting. “Many employees don’t follow these policies, often due to complex language challenges or a lack of engagement. By focusing on effective training and creating an environment where cybersecurity is part of daily practice, we help organisations empower their employees to become proactive defenders of company data.”
The Role of Employee Training in Mitigating Cyber Risks
Research highlights that 44% of companies report non-compliance with security protocols among staff, yet only 26% plan to enforce these policies effectively. Can!do Consulting recommends that businesses adopt a dual approach of robust software solutions paired with employee awareness training to safeguard their networks.
Through targeted training programs, organisations can equip staff with the knowledge to detect potential threats, understand the risks of non-compliance, and respond appropriately in critical situations. Can!do Consulting’s training strategies focus on simplifying policies, engaging employees, and transforming them from cybersecurity risks into informed allies.
“Training is an essential defensive measure in today’s cyber landscape,” Granelli added. “As cyber threats evolve, our training programs are designed to adapt, ensuring that staff receive regular updates on the latest threats and best practices, empowering them to navigate an increasingly complex digital environment.”
About Can!do Consulting
Founded in 1993, Can!do Consulting partners with large and medium-sized organisations to maximise the value of their technology investments and streamline business process adoption. Headquartered in South Africa, Can!do Consulting extends its support internationally, collaborating in off- and nearshore setups with client and supplier teams across Europe and beyond. With a comprehensive approach that blends technical expertise with employee-focused solutions, Can!do Consulting equips organisations to face modern cybersecurity challenges with confidence.