REDUCING CYBER RISK THROUGH A HUMAN–CENTRED APPROACH

Abstract

This paper investigates the complex challenges professionals face in managing cyber risks and implementing human risk management programs. Emphasizing the crucial role of human behavior in effectively mitigating cyber risks, the paper highlights the transformative impact of utilizing the „Golden Circle” methodology. This human-centered methodology initiates discussions with the question „WHY”, articulating the fundamental purpose of human risk management and promoting an „inside-out” approach, starting with employee motivation and engagement. This approach ensures the sustainability of human risk management practices by fostering a sense of responsibility and belief in the mission. Furthermore, the integration of Artificial Intelligence (AI) is explored to enhance human risk management, with AI techniques such as machine learning analyzing behavioral patterns to predict potential risks and automate responses. However, the paper also addresses the drawbacks of AI, including sophisticated phishing attacks and deepfakes exploiting human vulnerabilities. Combining AI with the „Golden Circle” allows organizations to identify why employees are susceptible to attacks and how to tailor training, achieving a more robust and proactive risk management strategy. The paper offers tips and recommendations for evolving and sustaining this integrated methodology over time, ensuring its continued effectiveness in the dynamic cybersecurity landscape.