The human element of cybersecurity

If you're inclined to think of cybersecurity as lending itself to clean, elegant, better-than-human, extremely secure solutions, you probably don't work in the field. But one bias held by many in information security is that much of the mess is because humans -- not hackers, shoddy software or poorly-built devices -- are the source of the vast majority of our digital vulnerabilities. Why extend the time and energy to hack into a heavily-guarded system, security experts might opine, if you can simply trick a user into clicking a link laden with malware? If businesses didn't have to deal with the "end user" (that is, you and I), this reasoning goes, all our problems would be solved. This represents a quiet bias against users in nearly every conversation about cybersecurity.