You raise the idea of using API integrations to get access to behavioral data — and boom!, you’re hit with the same tired objections.
View in browser
CybSafe logo
BEHAVE Newsletter

 “We already have that data.” Bollocks to that. Here’s how to break down data silos.

 

 

Dear renegades, mavericks, and deviants,

 

 

You raise the idea of using API integrations to get access to behavioral data — and boom!, you’re hit with the same tired objections:


“We already capture this data in our existing tools.”
 “We already block that behavior with technical controls.”

 

You’ve heard it before. You knew it was coming. But it still grates. No, actually, let’s say the quiet part out loud: it hurts.

 

 

Why does it grate so much?


Because you know what it really signals.


It’s not just resistance to an integration. It’s a misunderstanding, maybe even a dismissal, of you, your entire function, and everything your team stands for.


It’s the quiet assumption behind the words:


“Why do you need technical stuff like telemetry? You do training, education, and comms, don’t you? Leave the technical stuff to us.”

 

It’s the outdated view that managing human risk is fluffy. Non-technical. Optional.

 

But you and I know the truth:

 

Managing human cyber risk is profoundly technical. Just not completely in the digital sense. Rather, in a way that challenges the conventional definitions.


Because it takes serious discipline to understand behavior. It takes rigour to change what people actually do. And it takes skill to influence habits, shift intent, and drive measurable outcomes.


It also takes the right data, the right insight, and the right tools to do that at scale.


This isn’t just newsletters, escape rooms, and posters. This is behavioral engineering. Psychology. Systems thinking. Intervention design. Measurement. Automation.


You’re not just sending educational messages. You’re engineering change and helping your organization see around risk corners.


And in 2025 — when cybercriminals are evolving fast and AI is rewriting the threat landscape at pace — the security function needs to evolve too. The old mindsets won’t cut it.

 

Security teams that cling to silos and technical-first thinking are sleepwalking into failure.


So no, you're not just the training & awareness team.
You're leading the charge on one of the most complex, human, and strategically vital areas of cybersecurity today.


And — I’m just going to say it — you’re the department everyone relies on after things go wrong, and the one that gets overlooked before they do.


I know you’ve been here before. I know you’re tired of explaining.


So here’s how to help your colleagues finally get it.

 

 

1. The data isn’t currently being used for human risk management.
SIEMs, DLP tools, endpoint agents — they’re great at flagging technical threats. But they weren’t built to surface insight about human behavior, intent, or decision-making. They can’t tell the difference between a one-off mistake and a risky pattern. They don’t measure culture. And they don’t help you change anything.

 

2. The data sits in silos.
It’s fragmented. Spread across dashboards, owned by different teams, and invisible to the people who need it. Human risk teams. Awareness, Behavior and Culture teams. Governance teams. Human Risk Managers. They can’t use what they can’t see. And even if they could, the data isn’t joined up. It doesn’t tell a coherent story. It’s noise, not narrative. Yet somehow, you’re expected to change behavior without access to the full picture. Go figure.

 

3. The data lacks behavioral context and meaning.
It’s not just about having data. It needs meaning. The data needs to be interpreted — through the lens of behavior, risk outcomes, and change. 

 

You need to link:

  • Signals to behaviors
  • Behaviors to risks
  • Risks to interventions

That’s what proper Human Risk Management (HRM) tech does (and it’s what CybSafe does).

 

It turns fragmented telemetry into actionable behavioral insight. Which is why giving you access to the data isn't duplication but optimization: It's unlocking greater value from the data the security function already collects!

 

So when someone says, “We already have this data”, here’s your response:

 

“You have the data — but we’re not using it to manage behavioral risk. HRM technology gives it meaning, context, and purpose. It turns telemetry into insight — and insight into action.”

 

And if they say, “We already block that behavior”, tell them this:

 

“Blocking is a symptom treatment — not a cure.

If someone is behaving insecurely — whether it’s trying to enter sensitive data into ChatGPT, using unapproved AI tools, or misclassifying documents — blocking it doesn’t solve the root problem. It just hides it.”

 

“Eventually, they’ll find a workaround. Or our controls will miss something elsewhere — on shadow IT, unmanaged devices, in unmanaged apps.. And we’ll only find out after the damage is done. That’s why behavioral security is foundational.”

 

 

Here’s what blocking can’t do:

  • It can’t tell you who’s behaving insecurely, or why
  • It can’t tell you which controls are working — and which are wasted
  • It can’t help you reinforce good behaviors
  • It can’t measure culture, intent, or change over time
  • And it can’t help you get ahead of emerging threats in the AI era

We’re not saying don’t block.

 

We’re saying don’t stop there.

 

 

You can’t automate what you can’t see. You can’t fix what you don’t understand.

 

Proper HRM technology like CybSafe makes risky behavior visible, measurable, and fixable — across all your people, systems, and environments.

 

It gives you a joined-up view of:

  • Who’s introducing risk
  • Why it’s happening
  • And how to reduce it through targeted, automated, evidence-based action

And that’s how you build resilience that lasts.

 

A final takeaway for your next internal conversation:

 

“Yes — we already collect this data. But we don’t use it to manage human risk. We need to make the invisible visible. We need to connect the dots. This helps us fix the root cause — not just the symptoms.”

 

 

And yes — I know this isn’t an easy conversation.

 

You’re asking an already-stretched team of brilliant security colleagues to commit time and effort to something that doesn’t feel like an immediate priority to them. And I know how it goes down: Every time you raise it, there’s that look — the one that says ‘here comes the awareness team again’.

 

But here’s the reality: They don’t own the data.

It’s not their telemetry. It’s organizational data. And it should be used in ways that serve the whole organization — not just one function’s immediate KPIs.

 

So frame it that way. This isn’t duplication. It’s maximizing potential. Who wouldn’t want to unlock more value from the data the security team’s already collecting? Right?

 

But don’t start with the tool. Start with the strategy. Get your leadership — especially your CISO — to buy into the approach. Help them see how this aligns directly with their goals: Being more data-driven. Improving resilience. Reducing real risk. And building a security function fit for the world we live in — as well as the one that’s coming.

 

And if you want help having that conversation?

 

If you want to see how other human risk leaders have successfully convinced their orgs to take a behavior-first approach?

 

I’m happy to help.

Just grab some time here.

— Oz A

 

      Thanks for reading! 

      Was this email forwarded to you? Sign up here. 

       

      Oz Alashe

      Oz Alashe

      CEO and Founder, CybSafe

      What did you think of today's email?

      Your feedback helps me create better emails for you!

        Loved it ❤️
        It was okay 👌
        It was terrible 👎
        whitelogo-newsletter

        CybSafe, Level 39, One Canada Square, Canary Wharf, London, United Kingdom, E14 5AB
        Website
        LinkedIn
        X

        contact@cybsafe.com

        +44 20 3909 6913

        Unsubscribe Manage Preferences

        About

        Solutions

        Resources

        SebDB community