<![CDATA[The perennial question in digital business cybersecurity concerns whether human error or technical system vulnerabilities constitute the greater threat to organizational information systems and thus should receive priority in security investment. This study empirically examines this issue by identifying the weakest link in contemporary digital business environments. The study offers a theoretical contribution by integrating Human Error Theory, Socio-Technical Systems Theory, and the ISO 27001 framework into a unified analytical model for evaluating organizational information security weaknesses. Using an explanatory sequential mixed-methods design, quantitative data were collected from 217 information technology professionals, complemented by 15 in-depth interviews and an analysis of security incident records. The results indicate that human error (M = 3.82) is significantly more prevalent than technical system vulnerabilities (M = 2.94), as confirmed by a paired t-test (t(216) = 5.734, p < .001). Structural Equation Modeling further reveals that workload pressure and insufficient practice-based training significantly contribute to human error (β = 0.58, p < .001). Qualitative findings highlight cognitive overload, training gaps, and social engineering as dominant contributing factors. The study demonstrates that human error should not be interpreted merely as individual negligence but as an outcome of more profound organizational and socio-technical weaknesses. These findings support a strategic shift toward human-centered and socio-technical cybersecurity approaches to enhance organizational digital resilience.]]>
Copyrights © 2025
