Human risk: don’t blame the victim, fix the system

1. Pro

Human risk: don’t blame the victim, fix the system Opinion By Adam Marrè published 21 November 2025

Leaders must foster a security culture built on shared ownership

Comments (0) ()

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Nytt DDoS-rekord (Image credit: Shutterstock / ZinetroN)

The wave of cyberattacks which targeted some of the UK’s most prominent luxury and high-street retailers has served as a stark reminder of the persistent and evolving threat landscape.

As these organizations grapple with the operational, financial, and reputational fallout, the broader business community in the UK and Ireland is asking a critical question: how did this happen, and how can we prevent it from happening to us?

Adam MarrèSocial Links Navigation

Chief Information Security Officer at Arctic Wolf.

• Amazon Black Friday deals are live: here are our picks!

While it’s easy to point fingers at sophisticated malware or shadowy nation-state actors, the uncomfortable truth is that the initial point of failure is often much closer to home. The human element remains the most unpredictable and, therefore, the most exploited variable in the cybersecurity equation.

You may like

• The resilient retailer’s guide to proactive cyber defense
• I am a cybersecurity expert - here's why it's time for businesses to bolster defenses, beyond just tech
• Five lessons learned from the M&S, Co-op, and Harrods security breaches

Arctic Wolf’s recent report found that a staggering 80% of successful breaches involve a human factor. Attackers aren’t just breaking down digital walls; they’re often being handed the keys to the kingdom.

They understand that it is far easier to trick a person than to defeat a complex security system. In the fast-paced retail environment, where staff are focused on customer service, logistics, and sales, the pressure to be efficient can inadvertently open the door to security lapses.

A rushed click on a malicious link in a fake shipping notification, or using the same simple password for multiple systems, is all it takes for an adversary to gain a foothold.

Culture of blame

Cybercriminals are skilled at leveraging human psychology. They exploit our curiosity with convincing phishing emails, our trust with impersonation tactics, and our tendency to take shortcuts with password hygiene.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

Employees are also three times more likely to click on a phishing link than to report it to their IT or security department. This is not because they are malicious, but because they are often unaware, untrained, or simply too busy to stop and scrutinize every email.

Furthermore, the pervasive issue of credential compromise continues to plague organizations. Over 60% of compromised credentials discovered on the dark web stem from the use of weak or reused passwords.

For a retail sector that relies on a complex web of suppliers, partners, and third-party vendors, a single stolen password can trigger a devastating supply chain attack, impacting countless other businesses.

You may like

• The resilient retailer’s guide to proactive cyber defense
• I am a cybersecurity expert - here's why it's time for businesses to bolster defenses, beyond just tech
• Five lessons learned from the M&S, Co-op, and Harrods security breaches

For too long, the industry has fostered a culture of blame, where employees are seen as the weakest link. This is a fundamentally flawed and counterproductive approach.

When employees fear punishment for reporting a mistake, they stay silent. A minor incident, like a clicked link or a suspicious login, can quickly escalate into a catastrophic breach if it goes unreported.

Building resilience

To truly build resilience, leaders across the UK and Ireland must shift their perspective. Instead of blaming people, we must empower them.

This begins with fostering a robust security culture built on shared ownership. It requires moving beyond the annual tick-box training exercise and investing in continuous, engaging security awareness programs that are relevant to the specific threats employees face daily.

However, we must also operate with the assumption that, despite our best efforts, mistakes will happen. That is where technology must provide a crucial and non-negotiable safety net. A 24x7 Managed Detection and Response (MDR) strategy is essential.

It acts as a constant guardian, monitoring the entire IT environment for signs of compromise that may bypass preventative tools. Whether a threat originates from a malicious insider or an accidental click, MDR allows security teams to detect, respond, and neutralize it in minutes, before it can escalate into a headline-grabbing breach.

The security of our most beloved brands and bustling businesses doesn’t just rest on the shoulders of the IT department. It is a collective responsibility.

By shifting from a mindset of blame to one of empowerment, and by combining a positive security culture with a relentless technological safety net, UK and Irish businesses can turn a serious risk, their people, into their strongest line of defense.

We've featured the best encryption software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

TOPICS AI Malware Adam MarrèSocial Links Navigation

Adam Marrè is Chief Information Security Officer at Arctic Wolf.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more The resilient retailer’s guide to proactive cyber defense    I am a cybersecurity expert - here's why it's time for businesses to bolster defenses, beyond just tech    Five lessons learned from the M&S, Co-op, and Harrods security breaches    Avoiding service desk exploitation: deconstructing the modern retail attack    Mitigating supply chain vulnerabilities    Why our own clicks are often cybercrime's greatest allies    Latest in Pro Second-order prompt injection can turn AI into a malicious insider    Protecting productivity: the imperative of cybersecurity in manufacturing    AI agents are fuelling an identity and security crisis for organizations    Global cloud wars see AWS increasingly under threat from Microsoft and Google    Upgrading tech could help UK businesses offset time lost on sick leave    Salesforce says customer data may be exposed in Gainsight incident - "unusual activity" being probed    Latest in Opinion Human risk: don’t blame the victim, fix the system    How cloud-based technology is helping contact centers cut carbon emissions    Leaving a print at Microsoft    How data centers can balance growth with environmental responsibility    Drone maker lets robot fly drone to prove it's easy to use and scare the heck out of us    Is privacy really dead? How generations are rewriting data protection    LATEST ARTICLES

1. 1Second-order prompt injection can turn AI into a malicious insider
2. 2Salesforce says customer data may be exposed in Gainsight incident - "unusual activity" being probed
3. 3Only one VPN is truly equipped for torrenters, and right now it's 75% off
4. 4ChatGPT enters the group chat globally
5. 5Fitbit's new AI tool wants to take the stress out of your next doctor's visit