The recent breaches at the Massachusetts Institute of Technology (MIT) further reinforce the fact that users can be an information security program’s weakest link. Security departments across the globe need to invest resources to protect their employees against phishing attacks. The top three solutions to reduce risk include: Repetitive user training with published metrics, with a goal of behavior modification. Proven technologies that block the user from reaching malicious websites should be the primary focus of all information security professionals. In this dynamic threat landscape, investing resources in shoring up the weakest links should be a primary focus.
Source: https://www.forcepoint.com/blog/insights/users-are-weakest-link-what-it-needs-do-about-it