Introduction
Most people remember the 2020 Twitter incident. Thousands of people were scammed after hijacked accounts of prominent verified users shared a cryptocurrency scam. The scam was only active for a few hours. What was astonishing is that within only a few hours the attackers reportedly collected more than $110,000 through the scam.
Twitter later provided information and confirmed that a social engineering attack opened the door to this incident. Some employees with access to internal systems were targeted.
It is nothing new: when cyber security incidents occur, humans are the first to be blamed. Over and over again it has been over-emphasized that "Humans are the weakest link". We focus on what we already know without translating it into a defense mechanism.
According to researchers from Stanford University, 88% of all data breaches are caused by an employee mistake. Human error remains very much the driving force behind the overwhelming majority of cybersecurity problems.
"Your employees are focused on the job you hired them to do and when faced with to-do lists, distractions, and pressure to get things done quickly, cognitive loads become overwhelming and mistakes can happen." This is the conclusion of the "Psychology of Human Error" study.
This goes to show that human beings are not uniquely flawed in cybersecurity environments. Human error exists in every industry and every operational process. It is borne out by the finding that nearly 50% of employees across all operations are certain to have made an error at work that could have led to security issues for their company.
People getting distracted, overloaded, rushed, fatigued, or pressured by competing priorities is the norm in a fast-paced industry environment. The way humans react to fear, urgency and trust, the very tactics attackers use in social engineering, is normal human behavior, not abnormal failure.
The criticism that "humans are the weakest link" should shift to a more urgent question:
Why are critical systems still designed to fail catastrophically after a single predictable human mistake?
Human Error Is Predictable, Not Exceptional
Modern organizations operate in environments where employees process multiple emails, manage several clients, and are required to approve and make requests to tens, if not hundreds, of people from internal teams and partner organizations.
In these conditions, mistakes are statistically inevitable. For instance, under normal conditions humans average 5 to 7 errors per hour; this number tends to increase to 11 to 15 errors per hour under stressful conditions.
Other industries have recognized this principle. In aviation, for instance, aircraft systems are designed with multiple layers of redundancy because pilots can make mistakes under pressure.
In healthcare, surgical checklists and automated alerts exist because medical professionals can overlook critical details during stressful situations.
If one mistaken click can expose an entire network in your organization, the underlying issue is not the click itself. The issue is that the environment lacked sufficient safeguards to contain the damage.
The Problem Is Often System Design, Not Human Behavior
Excessive user access privileges, shared accounts, manual approval processes, overly complex security procedures and a lack of automated monitoring are just some examples of design failures in many organizations. Many organizations continue to rely heavily on employee vigilance while underinvesting in resilient security architecture.
Depending entirely on employees to make perfect decisions every time is equivalent to increasing your risk exposure significantly. Security architecture should assume that mistakes will occur and should be designed to minimize the impact when they do.
A One-Day Awareness Session Is Not Training
The very people often blamed for security failures can become an organization's strongest line of defense, but not through routine, one-off cybersecurity awareness sessions.
In many cases, these programs are conducted primarily to satisfy compliance requirements rather than to strengthen actual security resilience. Research has consistently shown that such training alone is inadequate. Employees still fall victim to sophisticated phishing attacks, especially when attackers exploit urgency, impersonation, and psychological manipulation.
It is unrealistic to expect every employee to think and respond like a cybersecurity specialist. Organizations therefore need to move beyond simply creating cybersecurity awareness and instead build a true cybersecurity culture. This is achieved by combining continuous, practical training with embedded technical controls that reinforce secure behavior and reduce the likelihood of human error.
Resilient Systems Reduce the Impact of Human Error
Organizations should turn their focus to building strong security systems. This will considerably reduce the chance of ordinary mistakes becoming major incidents. Cyber resilience emphasizes the ability to respond to and recover from incidents. It encompasses creating systems that can withstand disruptions, quickly restore normal functionality and anticipate human shortcomings while ensuring minimal impact on operations.
While several solutions exist to support this, I will focus on three non-negotiable strategies that provide a critical safety net against human error:
1. Multi-Factor Authentication (MFA)
Stolen or weak credentials remain at an all-time high at 81%. An estimated 21 to billion credentials are in circulation on the dark web. This underscores why passwords alone are no longer sufficient protection. Layered security means that anyone holding stolen credentials still needs something you have (e.g. a phone running an authenticator app, or a hardware token) or something you are (biometrics such as fingerprints). This makes it considerably harder for an attacker who has obtained a password to compromise your system.
2. Data Loss Prevention (DLP)
Employees can accidentally share sensitive information through email, storage, or external transfers; DLP technologies help identify and restrict unauthorized movement of sensitive data automatically. Our partners Seclore have gone ahead to create a game-changing solution that enables you to restrict, track and even revoke access to your data entirely, not to mention other features such as encryption, blocking unauthorized sharing, triggering alerts and detecting sensitive data.
This reduces the reliance on employees to perform such checks manually; the system does them automatically, without any psychological interference.
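As an added illustration of what "the system does it automatically" looks like, the following is a minimal outbound-content check written for this page (it is not Seclore's product or any vendor's code). It looks for payment card numbers, validated with the Luhn checksum so that phone numbers and order references are not flagged, and for a CONFIDENTIAL classification marker, then blocks the message if it is addressed outside the organization or only raises an alert if it stays internal. The internal domain and the sample messages are constructed.

```python
"""Added example: a minimal outbound DLP check (constructed, not a vendor's code)."""
import re

# Assumption: the organization's own mail domain(s); constructed for the demo.
INTERNAL_DOMAINS = {"example.com"}

# 13-19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
MARKER_RE = re.compile(r"\bCONFIDENTIAL\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; filters out numbers that merely look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_sensitive(text: str) -> list:
    """Return a list of findings; card numbers are masked so logs never carry the full PAN."""
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            findings.append({"type": "card", "value": "*" * (len(digits) - 4) + digits[-4:]})
    if MARKER_RE.search(text):
        findings.append({"type": "marker", "value": "CONFIDENTIAL"})
    return findings


def inspect_message(body: str, recipient_domain: str) -> dict:
    """Decide allow / alert / block for one outbound message."""
    findings = find_sensitive(body)
    external = recipient_domain.lower() not in INTERNAL_DOMAINS
    if not findings:
        action = "allow"
    elif external:
        action = "block"  # stop the accidental disclosure outright
    else:
        action = "alert"  # internal recipient: deliver, but notify the security team
    return {"action": action, "findings": findings, "external": external}


if __name__ == "__main__":
    # Constructed sample messages.
    samples = [
        ("Hi, please charge card 4111 1111 1111 1111, exp 12/27", "partner.example.net"),
        ("Invoice ref 4111 1111 1111 1112 attached", "partner.example.net"),
        ("Call me on +254 700 000000 about the order", "partner.example.net"),
        ("CONFIDENTIAL: draft board minutes", "partner.example.net"),
        ("Card on file ends 4111 1111 1111 1111, can you update?", "example.com"),
    ]
    for body, domain in samples:
        result = inspect_message(body, domain)
        print(f"{result['action']:5} -> {domain:20} {result['findings']}")
```

Note that the decision depends on the recipient as well as the content: the same card number going to a colleague is logged and alerted rather than blocked, which keeps the control from becoming an obstacle people learn to work around. Masking the matched value before it reaches a log is itself a DLP concern; a scanner that copies full card numbers into its own alerts has created a new place for the data to leak from.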
3. Build a Security Culture
Blame driven security cultures often create unintended consequences. When employees fear punishment for mistakes, they may delay incident reporting, conceal accidental disclosures, or avoid transparency. This significantly reduces organizational visibility and slows incident response.
Employees should be treated as active participants in security and compliance efforts, not as liabilities to be managed through fear. Stronger approaches encourage employees to report issues quickly without fear of disproportionate punishment.
Building this culture requires a deliberate, proactive strategy. A proactive approach moves from mere awareness to proven, measurable solutions that embed a security mindset in every employee.
There are solutions available to help achieve this. Training simulations based on realistic incidents drive a stronger mindset shift towards cyber hygiene.
These solutions offer customized attack scenarios and help employees develop secure response mechanisms. They also generate metrics that help analyze security posture and address individual weaknesses without discrimination.
Conclusion
The real measure of resilience is whether an organization has built systems capable of preventing ordinary mistakes from escalating into operational, financial or reputational crises.
Strong leadership recognizes this reality. Resilient organizations invest in layered defenses, practical training, adaptive technologies and security cultures built on accountability rather than fear.
Ultimately, leadership determines security maturity; resilient security environments are built through decisive top-down action.
Ready to assess your organization's Security Posture? Let us talk.
Telephone: +254 728223333
Email: cybersecurity@southendtech.co.ke | info@southendtech.co.ke | dataprotection@southendtech.co.ke
South-End Tech Limited — Helping businesses build visible and Cyber-resilient Enterprises.