Home / Blogs

Humans’ Best Defense Against Cybersecurity

At regular intervals, I have discussed the cybersecurity situation in Australia. In those assessments, I wrote about my frustration that the previous government policies more or less resembled a fire brigade approach. Trying to address individual incidents with regulations and legislation rather than coming up with a holistic strategy. I also reported earlier this year that finally, such a strategic approach was announced by the current government.

The TikTok Approach

However, the current TikTok approach is just another wack-the-mole reaction. All social media platforms have been used by criminals and foreign powers for monetary or political gain, yet we only now limit the use of TikTok for people in government, which is not even effective—I am scratching my head.

Gartner’s Guidelines For A Holistic Approach

The following research from Gartner provides some good guidelines for such a holistic approach. All of these issues need to be addressed in order to develop a proactive and, most importantly, more effective national strategy. It will always be a cat-and-mouse game with cyber criminals, but at least with such an approach, we can limit the damage and catch those missing the digital world.

As the world continues to rely heavily on technology for business operations, it has become increasingly important for organizations to prioritize cybersecurity. However, according to the analyst firm Gartner, traditional approaches to cybersecurity are no longer enough to keep up with today’s ever-evolving threats. To address this issue, Gartner has identified nine top industry trends that security and risk management leaders must consider when rebalancing their cybersecurity investments.

Human-Centric Approach to Cybersecurity

One of the key trends identified is the need for a human-centric approach to cybersecurity. In other words, organizations must focus not only on technology but also on people when designing and implementing their cybersecurity strategies. This involves considering how employees interact with technology and implementing measures to mitigate risks associated with human error.

A human-centered approach to cybersecurity is essential to reduce security failures. This can be achieved by focusing on people in control design and implementation, as well as through business communications and cybersecurity talent management. Organizations can improve their business-risk decisions and cybersecurity staff retention by doing so.

Enhancing People Management for Security Program Sustainability

Another trend identified by Gartner is the need to enhance people management for security program sustainability. This involves developing a comprehensive approach to talent management, including attracting and retaining skilled cybersecurity professionals, providing ongoing training and development, and fostering a culture of security awareness throughout the organization.

Technology-Focused Trends

In addition to these people-centric trends, Gartner also identified several technology-focused trends that security and risk management leaders must consider. These include transforming the cybersecurity operating model to support value creation, threat exposure management, identity fabric immunity, cybersecurity validation, cybersecurity platform consolidation, composable businesses need composable security, and boards expanding their competency in cybersecurity oversight.

Transforming the Cybersecurity Operating Model

Transforming the cybersecurity operating model to support value creation involves aligning cybersecurity strategies with business objectives and creating a culture of innovation and continuous improvement. This requires a shift away from traditional reactive approaches to cybersecurity and towards a proactive and agile model that can quickly respond to emerging threats.

Threat exposure management involves identifying and assessing potential security risks and vulnerabilities and implementing measures to mitigate them. This includes implementing robust access controls, monitoring systems for suspicious activity, and conducting regular risk assessments.

Identity fabric immunity involves implementing identity and access management (IAM) solutions to protect against identity-based attacks. This involves using a range of technologies and techniques, including multi-factor authentication, biometric identification, and behavioral analytics.

Cybersecurity validation involves testing and verifying the effectiveness of cybersecurity measures and processes. This includes conducting regular penetration testing, vulnerability assessments, and security audits to identify and address any weaknesses.

Cybersecurity platform consolidation involves streamlining and consolidating cybersecurity tools and technologies to improve efficiency and reduce complexity. This includes using integrated solutions that can provide comprehensive security coverage across multiple systems and applications.

Composable businesses need composable security involves adopting a flexible and adaptable approach to cybersecurity that can support the changing needs of a dynamic business environment. This requires a focus on interoperability, modularity, and flexibility in security architectures and solutions.

Finally, boards expanding their competency in cybersecurity oversight involves ensuring that boards have the necessary knowledge and expertise to provide effective cybersecurity oversight. This involves providing regular cybersecurity training and education for board members and developing clear governance frameworks and policies to guide decision-making.


Cybersecurity is an essential consideration for any organization operating in today’s technology-driven world. However, to be effective, cybersecurity strategies must evolve to keep up with the changing threat landscape. By adopting a human-centric approach to cybersecurity and considering the nine trends identified by Gartner, security and risk management leaders can ensure that their cybersecurity investments are well-balanced and effective in mitigating today’s cybersecurity risks.

By Paul Budde, Managing Director of Paul Budde Communication

Paul is also a contributor of the Paul Budde Communication blog located here.

Visit Page

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet




Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix


Sponsored byDNIB.com