The Human Factor: Why Employees Are Your Biggest Cybersecurity Risk

Cyberattacks are a threat to information security and the underlying reason behind it is the continuous increase in internet consumption by individuals and organizations (Zwilling et al., 2020). Today IT systems are no longer used to support the business, but it is instead a precondition for the businesses to function. What is happening among companies is that they today rely more on effective processes, people, and security technologies that are usually threatened by cyberattacks. To reduce the risk of the threats, companies are trying to support information security by using different technological solutions (Reeves et al., 2020). Despite that, the number of cyberattacks is still increasing in Europe (Reeves et al., 2020; Panou et al., 2017). The identified reason behind it is the increased management of humans that lack risk awareness and knowledge regarding the possible threats of cyberattacks (Reeves et al., 2020). Zwilling et al. (2020) and Lacey (2010) claim human error to be the weakest link in the cybersecurity chain. Further, Zwilling et al. (2020) describe that no matter what tool is being used to strengthen cybersecurity, the lack of awareness among the employees and especially leaders will outweigh the preventive measures that are being implemented (Zwilling et al., 2020).