
Experts call for people-centred cyber resilience & data focus

Tue, 30th Sep 2025

Experts are urging a fresh approach to cyber resilience that centres on human behaviour, layered defences, and stronger data governance as cybersecurity threats continue to evolve.

As organisations prepare for Cybersecurity Awareness Month, industry leaders across technology, security, and data management have highlighted the urgent need for a shift in strategy, particularly in recognising the interconnected roles of people, process, and technology.

Human behaviour at the frontline

Erich Kron, CISO Advisor at KnowBe4, commented that most breaches continue to involve human factors, with attackers exploiting stress, distraction, and trust to gain a foothold in organisations.

"If we want to strengthen security, we need to start with the people who keep the organisation running. Security tools continue to improve, but so do the threats that rely on manipulating human behaviour. Attackers count on stress, distraction and misplaced trust, and those tactics are working," he stated.

Kron said that 70% to 90% of breaches involve a human element, and pointed to the importance of Human Risk Management (HRM). He insisted that HRM is less about compliance and more about building habits and supporting staff to recognise and respond to security threats effectively. He emphasised that resilience, rather than perfection, is the goal, and that it is achievable when staff are prepared and empowered to act on risks.

Operational resilience and business continuity

Adhil Badat, Managing Director APJ at Rackspace Technology, explained that downtime caused by cyberattacks is no longer a manageable inconvenience but can rapidly escalate to significant business losses. He pointed to recent research in Australia, where the average customer-facing incident takes around 2.5 hours to resolve at a cost of over AUD $1 million, arguing that even a short disruption can erode customer trust and revenue.

Badat recommended that organisations move beyond traditional backup and recovery, advocating for ongoing readiness assessments, dependency mapping, and secure recovery environments. He called for resilience to be treated as a continual discipline, requiring consistent investment in people, processes, and testing.

"Resilience should be treated as an ongoing discipline. It requires consistent investment in people, processes and testing so that organisations are able to adapt as threats evolve. By building recovery into the very centre of a cyber strategy, businesses can transform resilience into a competitive strength," he said.

Broader impact and quantum risk

Barry Mainz, CEO of Forescout, addressed the societal consequences of cyberattacks, noting that incidents affecting healthcare, water, and energy infrastructure can have life-altering impacts on communities. He warned that the emerging threat posed by quantum computing could undermine current encryption standards, leaving vital systems vulnerable unless organisations start preparing now by transitioning to post-quantum cryptography.

"Cybersecurity has to move from a twice-a-year phishing test for employees to a well-known, well-taught public safety issue. If cybersecurity isn't everyone's conversation, we cannot succeed," Mainz said.

He called on leaders to make cybersecurity a mainstream public issue and urged professionals to drive organisational adoption of quantum-safe encryption.

Layered security and alert fatigue

Grayson Milbourne, Security Intelligence Director at OpenText Cybersecurity, observed that the cybercrime ecosystem now leverages AI advancements, leading to a higher frequency of sophisticated attacks and compounding the challenge for security teams. He highlighted the difficulties organisations face in integrating solutions across complex networks and the resulting alert fatigue among analysts.

Milbourne advocated for integrated, layered defences and improved identity management as central themes for reducing risk. He suggested that organisations conduct annual reassessments during Cybersecurity Awareness Month to ensure solutions are up to date and response playbooks are rehearsed. AI, he added, can help filter alerts, allowing security teams to use their resources more efficiently.

The realities for security operations

Jimmy Mesta, Co-founder and CTO of RAD Security, remarked that while public initiatives often target end-users, equal focus is required for the teams managing complex and fragmented security frameworks. He noted that defenders are overwhelmed with alerts and compliance demands, and that awareness campaigns need to include those facing operational fatigue, not just consumers.

Mesta recommended prioritising initiatives that help security teams focus on essential risks, streamline workloads, and translate technical data into actionable business decisions.

Data governance as foundation

Anthony Woodward, CEO of RecordPoint, identified data management as the connecting thread between security and trustworthy AI. He argued that robust data governance, inclusive of inventory, classification, lineage, and access practices, not only strengthens cybersecurity but also lays the groundwork for responsible and traceable AI use.

"Your risk, cost, and AI outcomes are all results of how you manage data. Good data management (clear inventory, classification, lineage, least-privilege access, and defensible retention) shrinks your attack surface for security and supplies trustworthy, traceable inputs for AI. One foundation, two domains, three outcomes: lower risk, lower cost, and higher trust," Woodward said.

The expert commentary converges on the need for strategic investments in people, process integration, and transparent data management to combat an evolving threat landscape in cyberspace.