Human risk management (HRM) plays a crucial role in cybersecurity by targeting interventions to address human behaviors that can be exploited by cyber attackers.


According to the 2024 Verizon Data Breach Investigations Report (DBIR), 68% of breaches in 2023 involved a non-malicious human element [1] [2], such as falling for phishing emails [2]. Despite cybersecurity awareness training [1], human errors like these persist. John Scott from CultureAI stresses the importance of understanding individual employee risks and behaviors to proactively identify and address cyber risks. HRM involves gaining insights into workforce activities through automation technologies and integrating data sources for continuous monitoring of human risks. This information can inform targeted awareness training to mitigate specific vulnerabilities observed among employees [2]. Innovative approaches to mitigating cyber threats targeting human behavior will be discussed at the upcoming Infosecurity Europe conference in London [2].


Effective HRM is essential in mitigating cyber risks posed by human behavior. By understanding individual employee risks and behaviors, organizations can proactively address vulnerabilities and enhance cybersecurity measures. Continued advancements in automation technologies and data integration will further improve HRM practices, leading to a more secure digital environment. The upcoming Infosecurity Europe conference in London will provide a platform for discussing innovative strategies to combat cyber threats targeting human behavior.