{"id":692583,"date":"2025-07-15T08:27:35","date_gmt":"2025-07-15T08:27:35","guid":{"rendered":"https:\/\/www.capgemini.com\/gb-en\/?p=692583"},"modified":"2026-01-22T07:44:05","modified_gmt":"2026-01-22T07:44:05","slug":"cybersecurity-human-risk-weakest-link","status":"publish","type":"post","link":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/","title":{"rendered":"Cyber security and human risk: are humans the weakest link"},"content":{"rendered":"\n<header class=\"wp-block-cg-blocks-hero-blogs header-hero-blogs\"><div class=\"container\"><div class=\"hero-blogs\"><div class=\"hero-blogs-content-wrapper\"><div class=\"row\"><div class=\"col-12\"><div class=\"header-title\"><h1>Cyber security and human risk: are humans the weakest link?<\/h1><\/div><\/div><\/div><\/div><div class=\"hero-blogs-bottom\"><div class=\"header-author\"><div class=\"author-img\"><img decoding=\"async\" src=\"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/matt-bancroft.jpg?w=200&amp;quality=10\" alt=\"\" loading=\"lazy\"\/><\/div><div class=\"author-name-date\"><h5 class=\"author-name\">Matthew Bancroft<\/h5><h5 class=\"blog-date\">Jul 15, 2025<\/h5><\/div><\/div><div class=\"brand-image\"> <\/div><\/div><\/div><\/div><\/header>\n\n\n\n<section class=\"wp-block-cg-blocks-group undefined section section--article-content\"><div class=\"article-main-content\"><div class=\"container\"><div class=\"row\"><div class=\"col-12 col-md-1\"><nav class=\"article-social\"><ul class=\"social-nav\"><li class=\"ip-order-fb\"><a href=\"https:\/\/www.facebook.com\/sharer\/sharer.php?u=https:\/\/www.capgemini.com\/gb-en\/?p=692583\" target=\"_blank\" rel=\"noopener noreferrer\" title=\"opens in a new window\"><i aria-hidden=\"true\" class=\"icon-fb\"><\/i><span class=\"sr-only\">Facebook<\/span><\/a><\/li><li class=\"ip-order-li\"><a href=\"https:\/\/www.linkedin.com\/sharing\/share-offsite\/?url=https:\/\/www.capgemini.com\/gb-en\/?p=692583\" target=\"_blank\" rel=\"noopener noreferrer\" title=\"opens in a new window\"><i aria-hidden=\"true\" class=\"icon-li\"><\/i><span class=\"sr-only\">Linkedin<\/span><\/a><\/li><\/ul><\/nav><\/div><div class=\"col-12 col-md-11 col-lg-10\"><div class=\"article-text article-quote-text\">\n<h3 class=\"wp-block-heading\" id=\"h-the-third-instalment-in-a-cyber-security-series-from-capgemini-and-renewableuk-explores-how-human-behaviour-remains-the-most-exploited-vulnerability-in-modern-cyberattacks-what-practical-steps-can-be-taken-to-mitigate-this-and-what-we-can-all-learn-from-brad-pitt\">The third instalment in a cyber security series from Capgemini and RenewableUK explores how human behaviour remains the most exploited vulnerability in modern cyberattacks, what practical steps can be taken to mitigate this, and what we can all learn from Brad Pitt.<\/h3>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-greeks-bearing-gifts\">Greeks bearing gifts<\/h2>\n\n\n\n<p>Over 3,000 years ago, in the now infamous former city of Troy, defenders rejoiced as the Greek army was vanquished after a decade-long siege. The surrounding bay was clear of warships and the beaches empty of military tents. A huge wooden horse was the only indication they were ever there.<\/p>\n\n\n\n<p>Had they not been so exhausted from battle and jubilant with victory, more sober Trojan minds might have questioned this conspicuous Greek gift. On this day, however, scepticism did not prevail. And so, it was not the mighty walls of Troy that were breached, with the perimeter still holding fast, nor was it the imposing gate that had shattered. It was not iron or wood, nor cement or stone, that ultimately laid Troy low. Rather it was trust, and manipulation of that all too human emotion. <\/p>\n\n\n\n<p>Our technology has come a long way in the subsequent three millennia. Today we invest in firewalls, endpoint detection, and sophisticated scanning to protect our assets. But our amygdala \u2013 the part of the brain that processes emotions like fear &#8211; is much the same as our Trojan forebears. When we\u2019re in a rush, links can seem convincing. After a long day, when we\u2019re prompted to update our password, surely \u201cBradPitt2004Troy\u201d would do? It\u2019s rarely modern <a href=\"https:\/\/www.capgemini.com\/gb-en\/services\/cybersecurity\/\">cyber security<\/a> defences that fail, but instead misplaced human trust often proves to be the weakest link.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-people-are-the-most-exploited-attack-surface\">People are the most exploited attack surface<\/h2>\n\n\n\n<p>Technology evolves and threat actors certainly innovate. But, year after year, the majority of security breaches still arise from human behaviour. Whether through deception, mistakes, or deliberate misuse, attackers increasingly target the people within organisations when seeking to open the proverbial gates. There are four primary ways in which human vulnerabilities typically manifest in cyber security breaches, though it is worth noting that these methods are rarely used in isolation, and Capgemini has tracked how frequently these occur:<\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li><strong>Phishing and social engineering&nbsp;(68% frequency)<br><\/strong>A message appears benign or routine, but hides a threat, such as a file, link, or seemingly urgent request. Such threats often play on emotion through authority, urgency, or reward.<\/li>\n\n\n\n<li><strong>Credential theft and misuse&nbsp;(30% frequency)<br><\/strong>Usernames and passwords are the gate keys. Reusing passwords or choosing weak ones makes them easy to steal, guess, or phish.<\/li>\n\n\n\n<li><strong>Human error&nbsp;(28% frequency)<br><\/strong>Mistakenly CCing the wrong person, uploading the wrong file, or exposing data in shared documents. All are small mistakes with potentially big consequences.<\/li>\n\n\n\n<li><strong>Malicious insider threats&nbsp;(6% frequency)<br><\/strong>A trusted user goes rogue. Whether motivated by revenge, coercion, or negligence, they knowingly violate policies to harm their organisation.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-when-human-risk-becomes-real\">When human risk becomes real<\/h2>\n\n\n\n<p>To illustrate how human-centric risks manifest in real world scenarios, we can look at four notable incidents which embody these primary categories:<\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li><strong>NHS ransomware attack, 2022&nbsp;(phishing and social engineering)<\/strong><br>In early 2022, the National Health Service (NHS) experienced a significant cyber incident involving a phishing campaign that targeted official email accounts, offering a stark illustration of how such an attack can compromise entire swathes of critical national infrastructure. 139 NHS email accounts were compromised and used to distribute over 1,157 phishing emails over a period of several weeks. The compromised accounts were used to send emails, often impersonating NHS.net \u2013 the email, diary and directory system for health service employees in England and Scotland &#8211; to trick individuals into providing personal or financial information, leading to the exposure of sensitive data for around 80,000 individuals. The Information Commissioner&#8217;s Office (ICO) later fined the responsible IT department \u00a33 million for failing to implement adequate security measures, including the absence of multi-factor authentication (MFA). In this case, the attackers exploited human trust and the lack of basic security protocols, leading to widespread service disruption and data compromise, and underscoring how social engineering tactics, combined with insufficient security practices, can have far-reaching consequences.<\/li>\n\n\n\n<li><strong>The Colonial Pipeline attack, 2021&nbsp;(credential theft and misuse)<\/strong><br>In May 2021, Colonial Pipeline from Texas to New York fell victim to a ransomware attack after hackers accessed it via a compromised password. The password had been used for several accounts on the network, meaning the hackers gained extensive access through it. They were, in effect, able to open multiple doors using a single key. The breach led to fuel shortages across the Eastern United States and a ransom payment of $4.4 million, resulting in widespread societal disruption from a seemingly minor oversight.<\/li>\n\n\n\n<li><strong>Facebook\u2019s cloud misconfiguration, 2019&nbsp;(human error)<\/strong><br>In 2019, security researchers from the software company UpGuard discovered that over 540 million Facebook user records were publicly accessible through misconfigured Amazon Web Services (AWS) cloud servers. The exposed data encompassed user IDs, comments, reactions and, in some cases, passwords. This incident was not the result of a sophisticated cyberattack but stemmed from human error, specifically the failure to properly configure the system. The developers neglected to implement basic security measures, such as password protection or encryption, leaving vast amounts of personal data vulnerable to unauthorised access. This breach underscored the potential impact of human errors, with even well-intentioned developers capable of inadvertently exposing sensitive information through simple missteps.<\/li>\n\n\n\n<li><strong>\u2018The Tesla Files\u2019, 2023<\/strong>&nbsp;<strong>(malicious insider threat)<\/strong><br>In May 2023, Tesla disclosed a significant data breach affecting over 75,000 current and former employees. The breach was traced back to two former employees who, in violation of Tesla&#8217;s IT security and data protection policies, misappropriated confidential information and shared it with a German media outlet. The leaked data included names, contact information, social security numbers, and employment details. Investigation revealed that the insiders had accessed and exfiltrated over 100gb of sensitive data, which was subsequently named \u2018The Tesla Files\u2019. Investigations revealed that these former employees had grievances with Tesla\u2019s management, underscoring how internal dissatisfaction can become a catalyst for malicious actions.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-empowering-individuals-to-mitigate-human-centric-cyber-risks\">Empowering individuals to mitigate human-centric cyber risks<\/h2>\n\n\n\n<p>The good news is that organisations and their employees are equally able to solve the challenges of human cyber risk, and below are practical steps that RenewableUK members can implement to protect themselves and their organisations:<\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li><strong>Phishing<\/strong><br>Organisations should participate in regular phishing simulations, which can significantly reduce the likelihood of falling for real attacks. Individuals should be sceptical of unsolicited communications, always verifying the authenticity of unexpected emails or messages, especially those requesting sensitive information or urgent actions. If in doubt, they should adopt a \u2018better safe than sorry\u2019 approach and flag the email as suspicious.<\/li>\n\n\n\n<li><strong>Credentials<\/strong><br>Organisations should enable multi-factor Authentication (MFA), which is able to block over 99.9% of account compromise attacks. Individuals should use strong, unique passwords, whilst avoiding reusing passwords across different accounts, and utilising password managers to generate and store complex passwords securely.<\/li>\n\n\n\n<li><strong>Human error<\/strong><br>Organisations should communicate best practices to their workforce, ensuring all cyber security practices are clearly understood and regularly updating their team\u2019s knowledge to minimise the risk of inadvertent errors. Individuals should double-check before sending emails, especially those containing sensitive information, as well as verifying the recipients and attachments to prevent accidental data leaks.<\/li>\n\n\n\n<li><strong>Malicious insiders<\/strong><br>Organisations should foster a culture of integrity by encouraging open communication and ethical behaviour to deter potential insider threats. Individuals should report suspicious behaviour through the appropriate channels if they notice unusual activities or policy violations.<\/li>\n<\/ol>\n\n\n\n<p>Whether it concerns ancient Troy or tomorrow\u2019s Tesla, human vulnerabilities remain consistent targets for attackers. Addressing these human-centric risks demands ongoing vigilance, regular training, and a proactive security culture.<\/p>\n\n\n\n<p>What happens when the Trojan Horse learns to knock? Stay tuned for upcoming articles that discuss the impact of AI and what this means for the future of digital security.<\/p>\n<\/div><\/div><\/div><\/div><\/div><\/section>\n\n\n\n<section class=\"wp-block-cg-blocks-wrapper-people-slider section section--expert-slider wrapper-people-slider undefined\"><div class=\"container\"><div class=\"content-title\"><\/div><\/div><div class=\"slider slider-boxed\"><div class=\"container\"><div class=\"slider-window\"><div class=\"slider-list\">\t\t<div class=\"slide\">\n\t\t\t<div class=\"box\">\n\t\t\t\t<div class=\"row\">\n\t\t\t\t\t<div class=\"col-md-6 col-lg-4 box-img-wrapper\">\n\t\t\t\t\t\t<img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/matt-bancroft.jpg\" alt=\"Matthew Bancroft\"\/>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t<div class=\"col-md-6 col-lg-8 box-inner\">\n\t\t\t\t\t\t<div class=\"row title-social-media-header\">\n\t\t\t\t\t\t\t<div class=\"col-md-12 col-lg-6 mbl-social-icon\">\n\t\t\t\t\t\t\t\t<ul class=\"social-nav\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<div class=\"col-md-12 col-lg-6 box-container\">\n\t\t\t\t\t\t\t\t<div class=\"box-title\">\n\t\t\t\t\t\t\t\t\t<h3 class=\"people-profile-title\">Matthew Bancroft<\/h3>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span>Senior Director, Digital Security and Trust<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<div class=\"col-md-12 col-lg-6 social-box-container dkt-social-icon\">\n\t\t\t\t\t\t\t\t<ul class=\"social-nav\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"people-info\">Matt leads the private sector for Capgemini Invent UK providing cyber security consulting and technology advisory services focused on the specific risks in this sector and specialising in state-of-the-art innovation, cyber startups, strategic alliances, industrial and cloud security. Matt was originally a physicist and electrical engineer specialising in petrophysics in the oil and gas industry and has over 20 years\u2019 experience in cybersecurity and consulting, leading innovative and transformational people, practices and programs in complex multinational organisations. <\/div>\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div><\/div><\/div><div class=\"slider-nav\"><button class=\"slider-prev inactive\" aria-label=\"Slider-previous\" tabindex=\"-1\"><\/button><ul class=\"slider-paginator\"><\/ul><button class=\"slider-next\" aria-label=\"Slider-next\"><\/button><\/div><\/div><\/section>\n","protected":false},"excerpt":{"rendered":"<p>The third instalment in a cyber security series from Capgemini and RenewableUK explores how human behaviour remains the most exploited vulnerability in modern cyberattacks, what practical steps can be taken to mitigate this, and what we can all learn from Brad Pitt.<\/p>\n","protected":false},"author":301,"featured_media":598971,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"cg_dt_proposed_to":[],"cg_seo_hreflang_relations":"[]","cg_seo_canonical_relation":"","cg_seo_hreflang_x_default_relation":"","cg_dt_approved_content":true,"cg_dt_mandatory_content":false,"cg_dt_notes":"","cg_dg_source_changed":false,"cg_dt_link_disabled":false,"_yoast_wpseo_primary_brand":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","featured_focal_points":""},"categories":[1],"tags":[],"brand":[],"service":[47],"industry":[435],"partners":[],"blog-topic":[151],"content-group":[],"class_list":["post-692583","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","service-cybersecurity","industry-cybersecurity","blog-topic-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.8 (Yoast SEO v22.8) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cybersecurity &amp; Human Risk: The Weakest Link? | Capgemini UK<\/title>\n<meta name=\"description\" content=\"Explore how human behavior impacts cybersecurity and why people may be the most vulnerable link in digital defense. Insights from Capgemini UK.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyber security and human risk: are humans the weakest link\" \/>\n<meta property=\"og:description\" content=\"Explore how human behavior impacts cybersecurity and why people may be the most vulnerable link in digital defense. Insights from Capgemini UK.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/\" \/>\n<meta property=\"og:site_name\" content=\"Capgemini UK\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-15T08:27:35+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-22T07:44:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"459\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Matthew Bancroft\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"pameladatta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/\",\"url\":\"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/\",\"name\":\"Cybersecurity & Human Risk: The Weakest Link? | Capgemini UK\",\"isPartOf\":{\"@id\":\"https:\/\/www.capgemini.com\/gb-en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg\",\"datePublished\":\"2025-07-15T08:27:35+00:00\",\"dateModified\":\"2026-01-22T07:44:05+00:00\",\"author\":{\"@id\":\"https:\/\/www.capgemini.com\/gb-en\/#\/schema\/person\/ba420545624e411851e84bb8ef2c0281\"},\"description\":\"Explore how human behavior impacts cybersecurity and why people may be the most vulnerable link in digital defense. Insights from Capgemini UK.\",\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/#primaryimage\",\"url\":\"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg\",\"contentUrl\":\"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg\",\"width\":612,\"height\":459},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.capgemini.com\/gb-en\/#website\",\"url\":\"https:\/\/www.capgemini.com\/gb-en\/\",\"name\":\"Capgemini UK\",\"description\":\"Get the future you want\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.capgemini.com\/gb-en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.capgemini.com\/gb-en\/#\/schema\/person\/ba420545624e411851e84bb8ef2c0281\",\"name\":\"pameladatta\",\"url\":\"https:\/\/www.capgemini.com\/gb-en\/author\/pameladatta\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Cybersecurity & Human Risk: The Weakest Link? | Capgemini UK","description":"Explore how human behavior impacts cybersecurity and why people may be the most vulnerable link in digital defense. Insights from Capgemini UK.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/","og_locale":"en_GB","og_type":"article","og_title":"Cyber security and human risk: are humans the weakest link","og_description":"Explore how human behavior impacts cybersecurity and why people may be the most vulnerable link in digital defense. Insights from Capgemini UK.","og_url":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/","og_site_name":"Capgemini UK","article_published_time":"2025-07-15T08:27:35+00:00","article_modified_time":"2026-01-22T07:44:05+00:00","og_image":[{"width":612,"height":459,"url":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg","type":"image\/jpeg"}],"author":"Matthew Bancroft","twitter_card":"summary_large_image","twitter_misc":{"Written by":"pameladatta","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/","url":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/","name":"Cybersecurity & Human Risk: The Weakest Link? | Capgemini UK","isPartOf":{"@id":"https:\/\/www.capgemini.com\/gb-en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/#primaryimage"},"image":{"@id":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/#primaryimage"},"thumbnailUrl":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg","datePublished":"2025-07-15T08:27:35+00:00","dateModified":"2026-01-22T07:44:05+00:00","author":{"@id":"https:\/\/www.capgemini.com\/gb-en\/#\/schema\/person\/ba420545624e411851e84bb8ef2c0281"},"description":"Explore how human behavior impacts cybersecurity and why people may be the most vulnerable link in digital defense. Insights from Capgemini UK.","inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/#primaryimage","url":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg","contentUrl":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg","width":612,"height":459},{"@type":"WebSite","@id":"https:\/\/www.capgemini.com\/gb-en\/#website","url":"https:\/\/www.capgemini.com\/gb-en\/","name":"Capgemini UK","description":"Get the future you want","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.capgemini.com\/gb-en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/www.capgemini.com\/gb-en\/#\/schema\/person\/ba420545624e411851e84bb8ef2c0281","name":"pameladatta","url":"https:\/\/www.capgemini.com\/gb-en\/author\/pameladatta\/"}]}},"blog_topic_info":[{"id":151,"name":"Cybersecurity"}],"taxonomy_info":{"category":[{"id":1,"name":"Uncategorized","slug":"uncategorized"}],"service":[{"id":47,"name":"Cybersecurity","slug":"cybersecurity"}],"industry":[{"id":435,"name":"Cybersecurity","slug":"cybersecurity"}],"blog-topic":[{"id":151,"name":"Cybersecurity","slug":"cybersecurity"}]},"parsely":{"version":"1.1.0","canonical_url":"https:\/\/capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/","smart_links":{"inbound":0,"outbound":0},"traffic_boost_suggestions_count":0,"meta":{"@context":"https:\/\/schema.org","@type":"NewsArticle","headline":"Cyber security and human risk: are humans the weakest link","url":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/","mainEntityOfPage":{"@type":"WebPage","@id":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/"},"thumbnailUrl":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg?w=150&h=150&crop=1","image":{"@type":"ImageObject","url":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg"},"articleSection":"Uncategorized","author":[],"creator":[],"publisher":{"@type":"Organization","name":"Capgemini UK","logo":""},"keywords":[],"dateCreated":"2025-07-15T08:27:35Z","datePublished":"2025-07-15T08:27:35Z","dateModified":"2026-01-22T07:44:05Z"},"rendered":"<meta name=\"parsely-title\" content=\"Cyber security and human risk: are humans the weakest link\" \/>\n<meta name=\"parsely-link\" content=\"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-human-risk-weakest-link\/\" \/>\n<meta name=\"parsely-type\" content=\"post\" \/>\n<meta name=\"parsely-image-url\" content=\"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg?w=150&amp;h=150&amp;crop=1\" \/>\n<meta name=\"parsely-pub-date\" content=\"2025-07-15T08:27:35Z\" \/>\n<meta name=\"parsely-section\" content=\"Uncategorized\" \/>","tracker_url":"https:\/\/cdn.parsely.com\/keys\/capgemini.com\/p.js"},"jetpack_featured_media_url":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg","archive_status":false,"featured_image_src":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg","featured_image_alt":"","jetpack-related-posts":[{"id":592608,"url":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cybersecurity-trends-you-can-expect-to-see-in-2023\/","url_meta":{"origin":692583,"position":0},"title":"Cybersecurity trends you can expect to see in 2023","author":"torapaul","date":"February 15, 2023","format":false,"excerpt":"It's that time of year again when we try to predict what's ahead of us in terms of cybersecurity. 2022 has already become a record-breaker for the sheer volume of phishing scams, cyberattacks, data breaches, crypto heist and geopolitical unrest, giving rise to hactivisim where state-sponsored cyber legions disrupted critical\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/www.capgemini.com\/gb-en\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2022\/05\/cybersecurity-1.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2022\/05\/cybersecurity-1.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2022\/05\/cybersecurity-1.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2022\/05\/cybersecurity-1.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":687041,"url":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cyber-security-and-renewable-energy-the-big-picture\/","url_meta":{"origin":692583,"position":1},"title":"Cyber security and renewable energy: the big picture","author":"pameladatta","date":"April 25, 2025","format":false,"excerpt":"Capgemini and RenewableUK, pulling back the curtain to provide an introduction to the key concepts, notable headlines and hot topics around cyber security in the context of clean energy generation.","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"Cyber security and renewable energy","src":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/RenewableUK-web-banner.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/RenewableUK-web-banner.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/RenewableUK-web-banner.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/RenewableUK-web-banner.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":703677,"url":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/green-cybersecurity-sustainability\/","url_meta":{"origin":692583,"position":2},"title":"Cyber security and the environment: can we make cyber security green?","author":"pameladatta","date":"November 25, 2025","format":false,"excerpt":"The fourth installment in a cyber security series from Capgemini and RenewableUK explores how cyber security can negatively impact the environment, the environmental impact of cyber security incidents, and how this can be mitigated by making cyber security sustainable by design.","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"Green Cyber Security","src":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/11\/cyber-security-green.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/11\/cyber-security-green.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/11\/cyber-security-green.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/11\/cyber-security-green.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":687077,"url":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/cyber-squirrels-parsimony-principle-guide\/","url_meta":{"origin":692583,"position":3},"title":"Cyber squirrels and the principle of parsimony","author":"pameladatta","date":"April 25, 2025","format":false,"excerpt":"Capgemini\u00a0and RenewableUK examining cyber security and the techniques that the renewables sector can adopt from other forms of critical infrastructure","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/Cyber-security-and-renewable-energy-we_.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/Cyber-security-and-renewable-energy-we_.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/Cyber-security-and-renewable-energy-we_.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/Cyber-security-and-renewable-energy-we_.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":676382,"url":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/architecting-security-career-built-on-curiosity-and-innovation-from-engineer-to-ciso\/","url_meta":{"origin":692583,"position":4},"title":"Architecting Security","author":"jayantapakrashi","date":"December 4, 2024","format":false,"excerpt":"With the internet revolution, I realised that information would become increasingly valuable, and how we handle, collect, and make sense of it would be crucial.","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2024\/12\/Architecting-Security.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2024\/12\/Architecting-Security.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2024\/12\/Architecting-Security.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2024\/12\/Architecting-Security.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":679332,"url":"https:\/\/www.capgemini.com\/gb-en\/insights\/expert-perspectives\/bringing-sanctions-and-adverse-media-screening-into-the-modern-era\/","url_meta":{"origin":692583,"position":5},"title":"Bringing sanctions and adverse media screening into the modern era","author":"pawanballa","date":"June 14, 2024","format":false,"excerpt":"Institutions are struggling to bring more efficiencies and better risk management to their screening systems.","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/01\/blog-10.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/01\/blog-10.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/01\/blog-10.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/01\/blog-10.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]}],"jetpack_sharing_enabled":true,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Capgemini UK","distributor_original_site_url":"https:\/\/www.capgemini.com\/gb-en","push-errors":false,"featured_image_url":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2021\/04\/cyber1-2.jpg","author_title":"Matthew Bancroft","author_thumbnail_url":"https:\/\/www.capgemini.com\/gb-en\/wp-content\/uploads\/sites\/5\/2025\/04\/matt-bancroft.jpg?w=382","author_thumbnail_alt":"","_links":{"self":[{"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/posts\/692583","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/users\/301"}],"replies":[{"embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/comments?post=692583"}],"version-history":[{"count":8,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/posts\/692583\/revisions"}],"predecessor-version":[{"id":692687,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/posts\/692583\/revisions\/692687"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/media\/598971"}],"wp:attachment":[{"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/media?parent=692583"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/categories?post=692583"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/tags?post=692583"},{"taxonomy":"brand","embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/brand?post=692583"},{"taxonomy":"service","embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/service?post=692583"},{"taxonomy":"industry","embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/industry?post=692583"},{"taxonomy":"partners","embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/partners?post=692583"},{"taxonomy":"blog-topic","embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/blog-topic?post=692583"},{"taxonomy":"content-group","embeddable":true,"href":"https:\/\/www.capgemini.com\/gb-en\/wp-json\/wp\/v2\/content-group?post=692583"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}