As digital transformation continues to accelerate across industries, one cybersecurity expert is urging organizations not to overlook the human element in their security
strategy.
James Olaniyan, an experienced IT professional and advocate for responsible technology practices, believes that the key to sustainable cybersecurity isn’t just about firewalls, antivirus software, or threat-detection tools.
It’s about culture—how teams think, act, and relate to security every single day.
In a recent commentary on the subject, James emphasized that effective cybersecurity must be rooted in behavior, not just technology.
“You can install the best tools available, but if your people don’t understand their role in security, the entire system remains at risk,” he noted.
Drawing from his extensive work supporting infrastructure and support systems across major operations like Amazon’s last-line facilities, James has witnessed firsthand how
simple habits—clicking on unfamiliar links, neglecting updates, or using weak
passwords—can open the door to serious breaches.
Yet, he says these actions rarely stem
from negligence; they come from a lack of shared responsibility and awareness.
He pointed out that in many organizations, cybersecurity is seen as an “IT problem”—
something only the technical team should worry about.
This, he argued, is a dangerous
mindset. “Cybersecurity should be as much a part of workplace culture as communication or accountability. Everyone needs to own it.”
James advocates for building what he calls a “digital responsibility culture.” This means equipping staff with not just training, but context. Employees should understand not just
what phishing looks like, but why attackers use it.
They should know the impact of
failing to lock a screen or sharing login details. And most importantly, they should feel safe speaking up when something seems suspicious.
He also stressed that leadership plays a crucial role in setting the tone. “When executives and managers take security seriously—when they follow the same rules, ask questions, and prioritize regular learning—it sends a clear message across the organization.”
According to James, creating this kind of culture isn’t a one-time campaign or a quarterly seminar.
It’s an ongoing process of education, feedback, reinforcement, and leadership
alignment.
He highlighted strategies like gamified training, real-life simulations, crossdepartment collaboration, and recognition for good security practices as effective ways to embed cybersecurity into daily routines.
“People are not the weakest link—they’re the first line of defense,” James said. “But they need to be empowered, not just instructed.”
The expert concluded with a challenge to business leaders: stop treating cybersecurity as a checkbox and start treating it as a shared value. In a world where digital threats are as
common as email, building a security-conscious culture might be the most important upgrade a company can make.
Leave a comment