My doctoral research is built on three pillars. Leadership culture, organizational structure, and human behavior. The working thesis examines how these three variables independently and collectively contribute to the 80 percent of cybersecurity breaches attributed to human error. But before I can apply that framework to cybersecurity I need to demonstrate that I understand how these pillars interact in any organizational context. This post does exactly that using a technical support AHT scenario as the laboratory.
THE SCENARIO IN BRIEF
A technical support team of 25 agents across two shifts was missing its 8 minute Average Handle Time target. Over 45 days, 4,219 out of 18,750 interactions exceeded the target. When measured by shift the evening team was operating at 1.80 sigma while the morning team operated at 2.68 sigma. The evening shift handled 40 percent of total volume but produced 68 percent of all defects.
PILLAR ONE: ORGANIZATIONAL STRUCTURE
The structural failure in this scenario existed before a single call was ever answered. The evening shift was staffed with 10 agents, three of whom had been hired within the last 60 days, against a morning shift of 15 agents averaging 2.3 years of tenure. That structural imbalance meant the evening shift was being asked to perform at the same standard as the morning shift without the organizational support, tenure depth, or staffing density to make that realistic.
Organizational structure does not just mean org charts and reporting lines. It means how resources are distributed, how teams are built, and whether the design of the organization makes success possible or quietly makes failure inevitable. In this case the structure made failure statistically predictable before anyone looked at a single performance metric.
This is directly relevant to cybersecurity. Organizations that distribute security responsibilities unevenly across teams, that staff security functions inadequately, or that design processes without accounting for human capacity constraints are building structural vulnerability into their security posture before a single threat ever arrives.
PILLAR TWO: HUMAN BEHAVIOR
The three customer reported reasons for long calls reveal the human behavior dimension of this scenario precisely. Complex issues requiring escalation suggest agents lacking the confidence or knowledge to resolve problems independently. Multiple holds suggest agents navigating uncertainty in real time rather than arriving at calls prepared. Customers repeating information suggests agents not documenting interactions thoroughly enough to maintain continuity.
None of these are character flaws. They are behavioral patterns produced by insufficient preparation, inadequate tools, and unclear process expectations. Human behavior in organizational contexts is rarely random. It is shaped by the environment, the training, the incentives, and the support structures surrounding the individual.
This is the core insight my research is built on. The same logic applies directly to cybersecurity. When employees click phishing links, share credentials, or bypass security protocols they are not simply making bad decisions. They are making predictable human decisions inside organizational environments that failed to adequately prepare, support, or incentivize secure behavior.
THE CONNECTION TO THE 80 PERCENT
The AHT scenario produced a measurable defect rate driven by structural and behavioral variables that had nothing to do with agent intent or capability in isolation. The agents were not failing. The system surrounding them was failing them.
Apply that same lens to cybersecurity. If 80 percent of breaches involve human error the question is not why are humans making errors. The question is what organizational structures and behavioral conditions are producing those errors at scale. And more importantly, what leadership decisions created or allowed those conditions to exist in the first place.
That is the question this research exists to answer.
WHAT COMES NEXT
Future pillar analysis posts will examine leadership culture as the third variable and begin building the literature foundation for how all three pillars interact as a system rather than operating independently. The AHT scenario demonstrated that structural and behavioral variables are inseparable in practice. The research will ultimately argue that cybersecurity resilience cannot be achieved by addressing any single pillar in isolation.
The system is the problem. The system is also the solution.
Robert A. Reinhardt
Independent Researcher
ORCID: 0009-0007-6568-9784
Leave a Reply
You must be logged in to post a comment.