It’s recommended that organizations have their staff take part in annual human factors training
to reduce the risks of human-centered issues.

Information security risk assessments are usually incomplete without human factors risk
assessments too.

One of the biggest cybersecurity issues isn’t people, but the lack of useful training.