© Copyright Acquisition International 2026 - All Rights Reserved.

Article Image - Why Human Behaviour is Both a Cyber Threat and a Cyber Defence
Posted 18th October 2023

Why Human Behaviour is Both a Cyber Threat and a Cyber Defence

The digital divide in cyber security is human. When we fail to acknowledge the reality of human behaviour, how people typically work, day to day, we risk undermining the progress of cybersecurity technologies and email is often the achilleas’ heel, according to Dave Adamson, CTO at Espria. According to the Mimecast state of email security 2023 report, phishing attempts soared by over 60% YoY.

Mouse Scroll AnimationScroll to keep reading

Let us help promote your business to a wider following.

Why Human Behaviour is Both a Cyber Threat and a Cyber Defence

Cyber Defence

Email Security 101 – A user-centric approach to email security

The digital divide in cyber security is human. When we fail to acknowledge the reality of human behaviour, how people typically work, day to day, we risk undermining the progress of cybersecurity technologies and email is often the achilleas’ heel, according to Dave Adamson, CTO at Espria. According to the Mimecast state of email security 2023 report, phishing attempts soared by over 60% YoY. 

Whilst collaboration tools like Teams and Slack are commonplace, they’re yet to universally replace email, which remains the primary way most businesses communicate internally and externally. Email is also a vulnerable target for cybercriminals due to its accessibility and the potential for human error. Consequently, email is an effective tool used by cybercriminals to spread spam, attempt phishing attacks and send attachments and links that automatically install malware on a user’s device.

According to the Mimecast state of email security 2023 report, there were an estimated 255 million phishing attempts in 2022, a 61% jump over the prior year, indicating the increasing popularity of this method of attack. Businesses are increasingly at risk if they fail to fortify their policies and their technology. Many large enterprises have sophisticated cyber defence systems in place, and added resources, small and medium-sized enterprises (SMEs) often lack the internal resources and must rely on external partners who are dedicated to foreseeing the next trend in cybersecurity attacks and identifying weak spots in IT systems.

Email security must be a priority in an organisation’s cyber safety measures, including email encryption, multi-factor authentication, and regular updates to anti-malware software. 

Considering the human element to organisational cyber resilience, communications and policies are paramount. It’s simply not possible to over communicate and repetition is key; the same cyber-attacks methods, like phishing emails and malicious content, have avoided eradication because humans forget even if technology doesn’t.   

Another way in which hackers exploit the fallibility of emails is email account hacking with the intention to steal passwords. This is also often achieved by ‘shoulder surfing’ or hacking into the office network. Once inside, the hacker may be able to impersonate nearly anyone within the organisation, including the company’s CEO, managers, and executives posing a huge reputational and financial risk.

Comprehensive security measures are therefore crucial for businesses to protect employees and devices. Two-factor authentication, for example, can make it more challenging for hackers to steal employees’ passwords. However, there have still been cases where users pass multi factor authentication credentials without realising their network is compromised. Organisations can also deploy privileged access management (PAM) to reduce risk.

 

Why human behaviour is both a threat and a defence

While these tactics can offer protection to a certain extent, various security issues and costs are still related to deploying these technologies. Therefore, the key to a company’s defence strategy must be detection. This, in practice, means that when someone accesses your account, atypical behaviour is spotted immediately so that you can take the appropriate action.

While most security approaches focus on protecting an organisation’s network infrastructure, attention is rarely paid to staff and end users. Although the security of the network and connected devices plays a significant role in an organisation’s overall security, engaging users with the general safety of the entire organisation can play a critical role in building robust cyber defences.

The people within organisations should be provided with comprehensive training and easy-to-understand information, empowering and enabling them to identify breaches instantly. When an account or application is accessed unusually, the user knows whether they are responsible for this behaviour change. In addition, the user knows if an attacker has breached the system. For example, if an additional user is added to an account, documents could be shared with unauthorised charges or outside the network. In addition, rights could be granted to other unauthorised users. In this instance, the account owner would know whether or these are legitimate actions, potentially indicating that an account has been compromised.

Ongoing cyber security education and training also empower users to monitor their accounts, devices, and other company assets. A user-centric approach is the only way to speed up security breach identification and ensure a quick response to resolve issues. Data security is everyone’s responsibility.

Categories: Innovation, News


You Might Also Like
Read Full PostRead - Eye Icon
Secure and Convenient Banking Solutions with Direct Deposit
News
31/08/2023Secure and Convenient Banking Solutions with Direct Deposit

There’s a new kid on the banking block, and it’s offering a unique blend of convenience, security, and innovation. It’s known as Sofi direct deposit, a dynamic banking solution that seeks to simplify and secure your financial transactions. He

Read Full PostRead - Eye Icon
Using Promotional Gifts as a Customer Retention Strategy
Strategy
12/11/2025Using Promotional Gifts as a Customer Retention Strategy

In a culture filled with thumb taps, keyboard strokes, and tweets, marketing can sometimes feel like shouting into a black hole. Which is why when a customer can hold, feel, use, or show off your brand, they sit up and take notice. Promotional items are more t

Read Full PostRead - Eye Icon
Recruitment Process Outsourcing 101: Definition and 8 Top Benefits of RPO Services
Strategy
29/09/2025Recruitment Process Outsourcing 101: Definition and 8 Top Benefits of RPO Services

Finding excellent new hires is a multi-step process. Business owners may not have time to research candidates, sort through resumes and schedule interviews while managing daily operations. Recruitment process outsourcing (RPO) solves that problem. Entrepreneur

Read Full PostRead - Eye Icon
Gattai Minoli Agostinelli, White & Case And Facchini Rossi Advise Cvc On The Acquisition Of Recordat
M&A
13/07/2018Gattai Minoli Agostinelli, White & Case And Facchini Rossi Advise Cvc On The Acquisition Of Recordat

The law firms Gattai Minoli Agostinelli & Partners, White & Case LLP and Facchini Rossi & Soci have advised funds managed by CVC Capital Partners in relation to the acquisition of a controlling stake in Recordati from the Recordati family.

Read Full PostRead - Eye Icon
Forget Third-Party Data… How to Use Zero and First-Party Data to Understand Consumers and Fuel Your Marketing Strategy
News
02/12/2024Forget Third-Party Data… How to Use Zero and First-Party Data to Understand Consumers and Fuel Your Marketing Strategy

A cookieless future and the third-party apocalypse have been discussed extensively over the last few years, starting with Apple Safari depreciating cookies in 2017 with intelligent tracking prevention (ITP).

Read Full PostRead - Eye Icon
Cargo Spill Motorcycle Accidents: Liability, Risk and Legal Exposure After Freeway Incidents
Legal
27/01/2026Cargo Spill Motorcycle Accidents: Liability, Risk and Legal Exposure After Freeway Incidents

Unsecured or improperly loaded cargo represents a significant risk within commercial transport operations, particularly on high-speed roads. When debris falls from a truck, the consequences can be severe for other road users, especially motorcyclists who have

Read Full PostRead - Eye Icon
3 Signs Your TOM isn’t Working for You
News
17/06/20253 Signs Your TOM isn’t Working for You

Leading UK technology consultancy identifies the key warning signs that your Target Operating Model isn’t working for you.

Read Full PostRead - Eye Icon
The Dos and Don’ts of Interacting with Insurance Companies After a Personal Injury
Legal
16/05/2023The Dos and Don’ts of Interacting with Insurance Companies After a Personal Injury

Personal injury accidents can be a traumatic experience for anyone involved. From car accidents to slip and falls, the emotional, physical, and financial strain can be overwhelming.

Read Full PostRead - Eye Icon
The Minds Behind the New Era of Grant Management
Innovation
07/10/2021The Minds Behind the New Era of Grant Management

Now with the title of ‘Best Online Application Management Solutions Firm’ for 2021 under its belt, USA based company ZoomGrants has been secured in its place as the leader of grant management software solutions. Combining top of the line technology with un



Our Trusted Brands

Acquisition International is a flagship brand of AI Global Media. AI Global Media is a B2B enterprise and are committed to creating engaging content allowing businesses to market their services to a larger global audience. We have a number of unique brands, each of which serves a specific industry or region. Each brand covers the latest news in its sector and publishes a digital magazine and newsletter which is read by a global audience.

Arrow