My interview with ITPro on how a cyber security strategy needs to take account of the risk people can bring.