How large a portion of infosec risk is due to software/hardware issues and how large due to social engineering?
How large a portion of infosec risk is due to software/hardware issues and how large due to social engineering?