{"id":12549,"date":"2025-04-22T18:59:04","date_gmt":"2025-04-22T13:29:04","guid":{"rendered":"https:\/\/threatcop.com\/blog\/?p=12549"},"modified":"2025-04-22T19:01:19","modified_gmt":"2025-04-22T13:31:19","slug":"why-boards-must-prioritize-people-security-before-the-next-cyber-crisis","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/","title":{"rendered":"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits"},"content":{"rendered":"<p><span style=\"color: #000000;\"><b>The $100 Million Mistake: When Facebook and Google Fell for a Simple Phishing Scam<\/b><\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#Why_the_Board_Must_Own_This_Conversation\" >Why the Board Must Own This Conversation<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#What_Is_People_Security_Management\" >What Is People Security Management?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#The_Real_Risk_Employees_Are_Still_Your_Weakest_Link\" >The Real Risk: Employees Are Still Your Weakest Link<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#Why_PSM_Is_the_Right_Investment_for_the_Board\" >Why PSM Is the Right Investment for the Board<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#What_PSM_Looks_Like_in_Action_For_the_Board\" >What PSM Looks Like in Action (For the Board)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#Final_Word_to_the_Board_If_You_Dont_Act_You_Own_the_Risk\" >Final Word to the Board: If You Don\u2019t Act, You Own the Risk<\/a><\/li><\/ul><\/nav><\/div>\n\n<p><span style=\"font-weight: 400; color: #000000;\">Between 2013 and 2015, two of the world\u2019s biggest tech giants\u2014Facebook and Google\u2014were scammed out of over $100 million by a single attacker who simply sent well-crafted phishing emails.<\/span><\/p>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">How?<\/span><\/span><\/p>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">An employee at each company unknowingly approved fake invoices and made transfers to fraudulent accounts controlled by a Lithuanian cybercriminal posing as a legitimate vendor.<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">The attacker didn\u2019t hack a firewall or breach a server. He just tricked people.<\/span><\/span><\/p>\n<p><span style=\"font-weight: 400; color: #000000;\">Despite their sophisticated cybersecurity stacks, it took just one person at each company. One email. One click.<\/span><\/p>\n<p><span style=\"font-weight: 400; color: #000000;\">This wasn\u2019t a technology failure\u2014it was a people failure.<\/span><\/p>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">And that\u2019s the greatest blind spot in modern cybersecurity:<\/span><\/span><\/p>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">The human layer of defense.<\/span><\/span><\/p>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">But can we really blame them?<\/span><\/span><\/p>\n<p><span style=\"color: #000000;\"><b><i>Source: <\/i><\/b><span style=\"color: #333399;\"><a style=\"color: #333399;\" href=\"https:\/\/www.cnbc.com\/2019\/03\/27\/phishing-email-scam-stole-100-million-from-facebook-and-google.html\"><b><i>CNBC<\/i><\/b><\/a><\/span><\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Why_the_Board_Must_Own_This_Conversation\"><\/span><span style=\"color: #000000;\"><b>Why the Board Must Own This Conversation<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">As cyberattacks become more sophisticated, <\/span><b>board members can no longer leave employee awareness to CISOs alone.<\/b><span style=\"font-weight: 400;\">\u00a0<\/span><\/span><\/p>\n<p><span style=\"font-weight: 400; color: #000000;\">Regulators, insurers, shareholders, and even courts are beginning to hold boards accountable for cybersecurity negligence\u2014especially when preventable human error is involved.<\/span><\/p>\n<p><span style=\"font-weight: 400; color: #000000;\">You don\u2019t need more firewalls\u2014you need more aware people in your organization.<\/span><\/p>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">That\u2019s where <\/span><b>People Security Management (PSM)<\/b><span style=\"font-weight: 400;\"> comes in.<\/span><\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"What_Is_People_Security_Management\"><\/span><span style=\"color: #000000;\"><b>What Is People Security Management?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"color: #000000;\"><b>People Security Management (PSM)<\/b><span style=\"font-weight: 400;\"> is a board-level strategy that empowers employees to become your strongest line of defense.&#8221;<\/span><\/span><\/p>\n<p><span style=\"font-weight: 400; color: #000000;\">It moves beyond one-time training and outdated awareness programs by providing:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Real-time employee risk scoring<\/b><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Behavioral change through gamified learning<\/b><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Simulated attacks that prepare\u2014not punish<\/b><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Instant threat reporting tools for every staff member<\/b><\/span><\/li>\n<\/ul>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">In short: <\/span><b>It transforms cybersecurity behavior.<\/b><\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"The_Real_Risk_Employees_Are_Still_Your_Weakest_Link\"><\/span><span style=\"color: #000000;\"><b>The Real Risk: Employees Are Still Your Weakest Link<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Over 90% of cyberattacks start with human error \u2013 <\/span><i><span style=\"font-weight: 400;\">IBM X-Force Threat Intelligence<\/span><\/i><i><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/i><span style=\"font-weight: 400;\">Average cost of a data breach in 2023: $4.45 million \u2013 <\/span><i><span style=\"font-weight: 400;\">Ponemon Institute<\/span><\/i><\/span><\/p>\n<p><span style=\"font-weight: 400; color: #000000;\">Your firewall won&#8217;t save you when an employee shares their password, clicks a malicious link, or ignores a security warning.\u00a0<\/span><\/p>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">And when breaches happen, the board is asked one question:<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><b>&#8220;What did you do to prevent this?&#8221;<\/b><\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Why_PSM_Is_the_Right_Investment_for_the_Board\"><\/span><span style=\"color: #000000;\"><b>Why PSM Is the Right Investment for the Board<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h4><span style=\"color: #000000;\"><b>Financial Protection<\/b><\/span><\/h4>\n<p><span style=\"font-weight: 400; color: #000000;\">PSM reduces the likelihood of breaches caused by employees, protecting the company from multi-million-dollar losses, penalties, and legal fallout.<\/span><\/p>\n<h4><span style=\"color: #000000;\"><b>Regulatory Compliance<\/b><\/span><\/h4>\n<p><span style=\"font-weight: 400; color: #000000;\">PSM supports global standards like GDPR, ISO 27001, NIST, PCI DSS and upcoming regulations that emphasize employee awareness and accountability.<\/span><\/p>\n<h4><span style=\"color: #000000;\"><b>Cyber Insurance Leverage<\/b><\/span><\/h4>\n<p><span style=\"font-weight: 400; color: #000000;\">Insurers are increasing premiums and denying claims where companies lack proactive human risk mitigation.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"What_PSM_Looks_Like_in_Action_For_the_Board\"><\/span><span style=\"color: #000000;\"><b>What PSM Looks Like in Action (For the Board)<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-12555\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2025\/04\/tsat-dashboard.png\" alt=\"TSAT dashboard\" width=\"1875\" height=\"893\" \/><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Quarterly Risk Reports<\/b><span style=\"font-weight: 400;\"> showing improvement in employee behavior<\/span><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Real-Time Dashboards<\/b><span style=\"font-weight: 400;\"> tracking phishing simulations, breaches, and training completion<\/span><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Company-Wide Cyber Resilience Scores<\/b><span style=\"font-weight: 400;\"> you can present in board meetings<\/span><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Reduced Incidents<\/b><span style=\"font-weight: 400;\"> due to ongoing engagement and training<\/span><\/span><\/li>\n<\/ul>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">This isn\u2019t about installing another tool. It\u2019s about creating a <\/span><b>culture of cyber vigilance<\/b><span style=\"font-weight: 400;\">, starting from the intern to the C-suite.<\/span><\/span><\/p>\n<h3><span style=\"color: #000000;\"><b>No More Tick-Box Awareness.<\/b><\/span><\/h3>\n<p><span style=\"font-weight: 400; color: #000000;\">Traditional \u201ccyber awareness\u201d campaigns are outdated and ineffective.<\/span><\/p>\n<p><span style=\"color: #000000;\"><b>People Security Management is proactive, measurable, and scalable.<\/b><span style=\"font-weight: 400;\"> It protects your human layer the way a firewall protects your network.<\/span><\/span><\/p>\n<p><span style=\"font-weight: 400; color: #000000;\">\u00a0&#8220;The biggest risk to your organization is not the hacker\u2014it&#8217;s the employee who isn&#8217;t prepared.&#8221;<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Final_Word_to_the_Board_If_You_Dont_Act_You_Own_the_Risk\"><\/span><span style=\"color: #000000;\"><b>Final Word to the Board: If You Don\u2019t Act, You Own the Risk<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"color: #000000;\"><b>Cyber risk is no longer a technical issue\u2014it&#8217;s a boardroom issue.<\/b><b><br \/>\n<\/b><span style=\"font-weight: 400;\">The next breach could cost your company millions\u2014or cost you your position.<\/span><\/span><\/p>\n<p><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">By implementing People Security Management, you&#8217;re not just training employees\u2014<\/span><b>you&#8217;re protecting the business, its future, and your fiduciary responsibility.<\/b><\/span><\/p>\n<h3><span style=\"color: #000000;\"><b>What to Do Next<\/b><\/span><\/h3>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400; color: #000000;\">Ask your CISO for a People Security Risk Assessment<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400; color: #000000;\">Add PSM to your cybersecurity governance dashboard<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Partner with trusted platforms like <\/span><b>Threatcop<\/b><span style=\"font-weight: 400;\"> to deploy People Security at scale<\/span><\/span><\/li>\n<\/ul>\n<h3><span style=\"color: #000000;\"><b>Want to See How PSM Works in Real Organizations?<\/b><\/span><\/h3>\n<p><span style=\"color: #333399;\"><a style=\"color: #333399;\" href=\"https:\/\/threatcop.com\/contact-us\"><b>Request a Live Threat Simulation &amp; Risk Assessment<\/b><span style=\"font-weight: 400;\"> \u2192 [Book Demo]<\/span><\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The $100 Million Mistake: When Facebook and Google Fell for a Simple Phishing Scam Between 2013 and 2015, two of the world\u2019s biggest tech giants\u2014Facebook and Google\u2014were scammed out of over $100 million by a single attacker who simply sent well-crafted phishing emails. How? An employee at each company unknowingly approved fake invoices and made [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":12551,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[284,338],"tags":[124,347,300,348],"class_list":["post-12549","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-digest","category-psm","tag-cyber-attack","tag-cyber-crisis","tag-people-security-management","tag-psm"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits<\/title>\n<meta name=\"robots\" content=\"noindex, nofollow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits\" \/>\n<meta property=\"og:description\" content=\"The $100 Million Mistake: When Facebook and Google Fell for a Simple Phishing Scam Between 2013 and 2015, two of the world\u2019s biggest tech giants\u2014Facebook and Google\u2014were scammed out of over $100 million by a single attacker who simply sent well-crafted phishing emails. How? An employee at each company unknowingly approved fake invoices and made [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-04-22T13:29:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-04-22T13:31:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2025\/04\/Cyber-Crisis.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Threatcop\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Threatcop\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/\"},\"author\":{\"name\":\"Threatcop\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/e4db27ffd37219d73fc6b40cc9d45cfa\"},\"headline\":\"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits\",\"datePublished\":\"2025-04-22T13:29:04+00:00\",\"dateModified\":\"2025-04-22T13:31:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/\"},\"wordCount\":641,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Cyber-Crisis.jpg\",\"keywords\":[\"cyber attack\",\"Cyber Crisis\",\"people security management\",\"PSM\"],\"articleSection\":[\"News and Digest\",\"PSM\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/\",\"name\":\"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Cyber-Crisis.jpg\",\"datePublished\":\"2025-04-22T13:29:04+00:00\",\"dateModified\":\"2025-04-22T13:31:19+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Cyber-Crisis.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Cyber-Crisis.jpg\",\"width\":1920,\"height\":1080,\"caption\":\"people security management in Cyber Crisis\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"width\":432,\"height\":102,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/e4db27ffd37219d73fc6b40cc9d45cfa\",\"name\":\"Threatcop\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"caption\":\"Threatcop\"},\"sameAs\":[\"https:\\\/\\\/threatcop.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits","robots":{"index":"noindex","follow":"nofollow"},"og_locale":"en_US","og_type":"article","og_title":"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits","og_description":"The $100 Million Mistake: When Facebook and Google Fell for a Simple Phishing Scam Between 2013 and 2015, two of the world\u2019s biggest tech giants\u2014Facebook and Google\u2014were scammed out of over $100 million by a single attacker who simply sent well-crafted phishing emails. How? An employee at each company unknowingly approved fake invoices and made [&hellip;]","og_url":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2025-04-22T13:29:04+00:00","article_modified_time":"2025-04-22T13:31:19+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2025\/04\/Cyber-Crisis.jpg","type":"image\/jpeg"}],"author":"Threatcop","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Threatcop","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/"},"author":{"name":"Threatcop","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/e4db27ffd37219d73fc6b40cc9d45cfa"},"headline":"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits","datePublished":"2025-04-22T13:29:04+00:00","dateModified":"2025-04-22T13:31:19+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/"},"wordCount":641,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2025\/04\/Cyber-Crisis.jpg","keywords":["cyber attack","Cyber Crisis","people security management","PSM"],"articleSection":["News and Digest","PSM"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/","url":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/","name":"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2025\/04\/Cyber-Crisis.jpg","datePublished":"2025-04-22T13:29:04+00:00","dateModified":"2025-04-22T13:31:19+00:00","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2025\/04\/Cyber-Crisis.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2025\/04\/Cyber-Crisis.jpg","width":1920,"height":1080,"caption":"people security management in Cyber Crisis"},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/why-boards-must-prioritize-people-security-before-the-next-cyber-crisis\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Why the Board of Directors Must Prioritize People Security Management Before the Next Cyber Crisis Hits"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","width":432,"height":102,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/e4db27ffd37219d73fc6b40cc9d45cfa","name":"Threatcop","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","caption":"Threatcop"},"sameAs":["https:\/\/threatcop.com"]}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/12549","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=12549"}],"version-history":[{"count":4,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/12549\/revisions"}],"predecessor-version":[{"id":12558,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/12549\/revisions\/12558"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/12551"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=12549"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=12549"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=12549"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}