Security leaders must realize that human factors contribute to the success of a security control as much as the risk reduction of the security control itself. Security leaders who choose to ignore human factors run the risk of user security mistakes and even a full security breach. There are three human factors that contribute to the success of a security control and six human factors that act as resistors to effectiveness. In this report, we review human factor successes and failures and help security leaders understand the success contributors and resistors that will help them raise the bar on all the security products, solutions, and programs that they choose to implement.