Are Humans Really The Weakest Cybersecurity Link?


Humans are frequently considered the weakest link in the security chain, and they are commonly blamed for security system failure. Some experts, such as Ciarán Mc Mahon, Ph.D., director of the Institute of Cyber Security, believe that “people are the weakest link” as this quote is prevalent in the digital world.

This article will analyze the above argument in the context of New Zealand and highlight the proactive measures to combat cybersecurity issues because of human error.

Is this argument strong enough to scrutiny?

According to well-known engineer and writer Quinn Norton, technology may not make mistakes, but it does appear to have faults. However, it isn’t easy to convey how much technology barely functions and how much of our lives’ infrastructure is held together by computers.

How can NZ companies minimize the risk of cyber attacks

Usually, companies in any country spend a huge amount of money on cybersecurity, including a quality VPN service for New Zealand, encryption, anti-virus software, scanning, etc. But the question is, how much do they put into their workforce? Bombarding employees with information at a time when they are already feeling stressed is not a good idea.

Companies devise new methods for increasing employee cybersecurity knowledge. Employees expect the company to have adequate security measures in place in this digital age. However, they are unaware of the perils of clicking on malicious links and opening unverified attachments and other activities that can lead to serious consequences.

Even though technology can screen out the majority of threats, it cannot eliminate all of them. Therefore, employees should be trained on cybersecurity, dealing with potential risks, and reporting them.

As a result, business leaders face the problem of delivering this information in a simple way that must be easy to understand and remember because making sound cybersecurity decisions is the last thing on an already overworked employee’s mind.

Role of Humans vs Machines at the workplace

Computers and mobile devices are used to store, process, and transmit extremely valuable data. As a result, the company is likely to devote a significant amount of resources to safeguard them. Usually, they protect the information by securing the final gateway.

Employees are another operating system that stores, processes, and transfers information. However, the disparity between how much firms invest in securing people versus computers and mobile devices is startling. Even sometimes, companies don’t consider the harmful effects of human error.

What can be considered a Human error?

When it comes to human error, there are so many different meanings to consider. However, Wikipedia defines human error as follows

“Human error is defined as something that the individual did not intend; not required by the rules or observer and it led the job or system beyond its permitted limitations. In a nutshell, it’s a departure from one’s original aim, expectation, or desire.”

What makes humans really the weakest cybersecurity link?

The workplace has never been the same since the coronavirus emerged. Working in a hybrid model, or even entirely from home, has become the new norm and the most efficient manner of finishing projects, strategizing, and planning budgets. However, this progress comes with its own set of difficulties.

For example, when working with critical company data at home, how secure is your internet connection? How many people use an employee’s personal computer at home, and how many of them are responsible enough not to tamper with official documents?

Most businesses have security processes in place in case of an external attack, but they don’t understand that employees usually have the greatest threat. Almost every security failure is blamed on human error, implying that employees are the ones who are largely to blame.

Moreover, human error is a part of the company’s culture and the absence of an appropriate strategy. However, like Sparkle, companies can launch cybersecurity training platforms.

What causes the cybersecurity issues?

Cybercriminals often target front-line employees and even CEOs for cyber attacks. Information is publicly available. For example, LinkedIn and the company’s official website contain facts such as email addresses, employment history, connections, education, and so on – making it easier for attackers to target individuals.

They can utilize the employee data as a point of entry to steal important company information. If the person has not taken any measure for cybersecurity, he could be a victim. Detecting a cyber assault is far more difficult than preventing one in the first place. As a result, human error is blamed for 95% of security breaches, demonstrating that humans are the weakest link in cybersecurity.


Although humans are considered the weakest cybersecurity link, the most significant conclusion from this conversation is that staff should be viewed as security assets rather than threats. Companies can no longer rely just on retaliation. Instead, a workplace culture of knowledge and accountability is required.