CISOs of mid-sized businesses spend countless hours thinking through frameworks, strategies, goals and objectives for their teams so that they can better drive business.

Chief among his priorities, CISO Jony Fischbein has the goal of optimizing business processes, especially those that involve internal personnel. “People are the biggest asset and the biggest weakness in any organization,” says Fischbein.

For example, the “over-motivated” types of employees will frequently download tools and applications to help them accomplish tasks quickly, despite the fact that the tools were not explicitly sanctioned by the IT department. These well-intended, but recklessly executed “Shadow IT” activities can throw a business under the bus.

Fischbein also wants to address personnel threats through better cloud-related business processes and practices. Cloud misconfigurations are the main cause underlying cloud-based breaches. A security solution that can identify slip ups can set your organization on a safer path.

These days, security tools with artificial intelligence capabilities can identify patterns of human behavior, and provide alerts about anomalies.

Humans are an unpredictable variable in situations involving cyber risk. Consider the human factor in developing your risk framework and cyber infrastructure. Doing so can strengthen your organization’s security posture, and present an opportunity for creative refinement of systems.

For more of CISO Jony Fischbein’s insights about the human factor in cyber security, visit Dark Reading.