10 years ago a bulk of cybersecurity attacks focused on defeating cyber infrastructure like firewalls, routers and anti-virus software. But over the last decade, the target of attacks shifted. People turned out to be more vulnerable than hardware or software. Every employee, from the CEO to a new hire, is vulnerable to attacks and attackers have gotten clever, targeting and tailoring their scams to specific people. Phishing emails are filled with personal information scammers skim from the internet about their targets. And to add to this problem, we all tend to leave a lot of publicly available information out there for scammers to use against us. When building a cybersecurity strategy, no matter how big or small, no matter how simple or complicated, every organization must have a plan to deal with the human factor. What is your plan?