Don't blame people – fix the system

It's easy to blame people when security incidents occur. But while many types of breaches do indeed involve a human element, we should stop to ask ourselves why people acted in the ways they did, and why that was allowed to become a problem. Our systems and processes need to be designed with security embedded deeply within them so that minor lapses on the part of staff members are prevented from becoming a problem.