As NIS2 makes management legally responsible for a lack of preparedness surrounding cybersecurity issues, and as security executives are increasingly experiencing ever-present anxiety associated with their organizations being exposed to constant threats, it is imperative to have strategies in place that promote a human-centric approach to cybersecurity. On the one hand, this means ensuring that cyber risk is understood at all levels; on the other hand, it means protecting security leaders from burnout.

• Where can we push company policies to ensure we are mitigating human risk? What can be done to improve communication around it internally, at all levels?
• Where can training and education help achieve a human-centric approach?
• How can we best market our strategies to people from across our organizations?
• How can we overcome stress, fatigue and other mental health concerns associated with the high-stress scenarios brought by potential cyberattacks?
• What can be done to build a positive digital culture?