Historically, threat actors would work diligently to hack through next-generation firewalls, endpoint detection systems and other traditional security tools — something that takes significant work and is often for nothing, since perimeter security is excellent today. For the bad guys, a better approach is to go through the users.
Source: SiliconANGLE