News

Cyber Security Isn't Only About Technology. It's About Being Human.

July 15, 2026
Article by:
Sue Wilkinson

I spend a reasonable amount of time on aeroplanes, and one thing I've noticed about myself is that, despite knowing I probably shouldn't, I almost always find myself glancing at the screens around me.

Some people are watching movies. Some are playing games. Then someone opens their laptop and starts working.

Without meaning to, I catch a glimpse of an email, a spreadsheet or a presentation. Never enough to deliberately read it, but enough to remind me how naturally our attention is drawn to information.

I suspect I'm not alone.

There's something deeply human about noticing what's happening around us. It's the same instinct that makes us glance at a newspaper headline, look at a whiteboard as we walk past a meeting room, or notice a notification appear on someone else's phone.

It's rarely intentional.

It's simply human.

And that simple observation says a lot about cyber security.

When people think about security awareness, they often think about phishing emails. Phishing is important, but it's only one example of something much bigger.

Every day we make hundreds of small decisions involving technology. We leave a laptop open while grabbing a coffee. We read confidential reports in a public place. We share information a little more widely than intended. We paste something into an AI tool without stopping to think about what it contains. We approve a request because we're busy and want to get on with our day.

None of these actions come from bad intentions. They come from normal human behaviour.

The challenge is that cyber criminals understand human behaviour remarkably well. They know we're busy, curious, helpful and often working under pressure. Their attacks are designed around psychology far more than technology.

That's why security awareness matters.

Not because your people are the weakest link. I don't believe they are.

Your people are one of your most important security controls. Like every other control, they simply need the right support.

For years, organisations have relied on annual training sessions and compliance exercises that people endure rather than enjoy. The intention has always been good, but the outcome has often been disappointing.

People are busy. They're constantly switching between priorities, and it's unrealistic to expect a single annual course to change behaviour.

The organisations seeing the greatest success are taking a different approach. They recognise that people remember stories more than policies, humour more than presentations, and short, relevant lessons far better than a training course they completed months ago.

One of the reasons we've chosen to introduce Mimecast Security Awareness Training is because it respects people's time.

The lessons are short, engaging and genuinely funny. More importantly, they're memorable.

Rather than asking people to stop being human, they help people recognise the moments that matter. Over time, those small moments become better habits, and better habits become part of an organisation's culture.

Technology will always play an important role in protecting an organisation. But every day, people make hundreds of decisions that no firewall, email filter or security platform can make for them.

Download the ebook now
Sign-up to our newsletter
Stay ahead with our newsletter. Get the latest tech updates, business insights, and industry tips.
Register now
More ebooks
More webinars

More news