I’ll be speaking in a few weeks at the Cyber Security: The Human Factor conference in Ottawa. My topic will be, in part, the role that human capital can and should play in security programs. But many people I speak with about human capital and people-centric security are more or less unfamiliar with the term. Human capital is something discussed a lot in other industries and fields, but not so much in information security. That’s a shame, really, because it means that security programs often allow a powerful source of wealth and value to go untapped in support of their efforts, even while fighting for the scarce resources they need to do their jobs. To better leverage human capital in support of cybersecurity, it’s important to understand what it is.