Best practise says that Cybersecurity is as much about People & Processes as it is about Technology. If the people, using the technology you have installed to protect you, aren’t using it properly then the technology won’t protect you properly. This is why an assessment of People is equally as important a consideration in your overall cybersecurity strategy. Also it is no longer “if I get attacked” but “when I am attacked, am I spotting it & tackling it quickly & effectively?” This is why an assessment of Processes is equally as important a consideration in your overall cybersecurity strategy.