What I had in mind was more in the way of a simple error due to distraction. We know the principle of indirect attacks, through software. Our problem is psychological piracy. The person is then deliberately in the system.
For instance, when I was a member of the Canadian Bankers Association, we were presented with an electronic payments terminal that was supposed to be unhackable. But it only took three weeks for that to happen. It was not due to human error, but really to malicious intent from the inside.
What solutions do we have to manage the human factor?