Stuxnet, WannaCry, Equifax breach are examples of weaknesses in the flesh-and-bone portion of a security plan. These attacks could have been prevented had it not been for human mistakes. We care too much about gadgets and logical control systems, and not enough about our personnel. Increasing investments in people over more technology aids retention. Too often, job boards are littered with postings chasing unicorns mythical IT experts with a mix of experience that couldn’t exist. If organizations would invest in their own people, they could mold someone into that magical creature rather than banging their head against walls in search of a candidate that doesn’t exist.”]
Source: https://www.darkreading.com/careers-and-people/we-re-doing-security-wrong-