November 24, 2017

More Training Won’t Reduce Your Cyber Risk

By Michael Sulmeyer and Mari Dugas

How many times have you had to watch your company’s latest cybersecurity training video? An entire industry now exists to train us humans to be smarter in how we operate computers, and yet the number of cybersecurity incidents continues to rise. Are the hackers always one step ahead? Are we impossible to train? Or are we being taught the wrong lessons?

The human is indeed the weakest link in cybersecurity. But all too often organizations’ approach to mitigating that risk — other than taking the wise step of ensuring that they have the state-of-the art technological protection in place — is more training. It won’t suffice.

The U.S. armed forces and security agencies are a case in point. Should the military train its soldiers, sailors, generals, and admirals so they are less of a weak link for cybersecurity, as Admiral Sandy Winnefeld, the former vice chairman of the U.S. Joint Chiefs of Staff, advises? Sure. Should the National Security Agency (NSA) do the same for its employees to keep secrets secret, as the New York Times indicates has been a challenge? Obviously.

Read the full commentary in the Harvard Business Review.

  • Commentary
    • Lawfare
    • March 18, 2020
    The Cyberspace Solarium Commission’s Mandate to Fix Congressional Oversight

    The report of the Cyberspace Solarium Commission is finally out—and it provides a fresh look at congressional oversight on cybersecurity. Congress established the commission a...

    By Carrie Cordero & David Thaw

  • Commentary
    • Lawfare
    • February 20, 2020
    Take Greenland Seriously and Literally as a Vital National Security Issue

    It is tempting to dismiss talk of Greenland’s significance for defense and foreign policy simply because President Trump infamously made it a punch line last year. The world’...

    By David Priess & Martijn Rasser

  • Podcast
    • January 17, 2020
    Stories from the Backchannel: Season Two Trailer

    Now more than ever, Americans are interested in the people working behind the scenes on consequential national security decisions. In Season Two of Stories from the Backchanne...

    By Ilan Goldenberg, Richard Fontaine, Susanna V. Blume, Kayla M. Williams, Price B. Floyd, Kurt Campbell & Kara Frederick

  • Podcast
    • September 10, 2019
    When your data is held hostage

    Technology and security expert Kara Frederick explains how and why U.S. local governments and electoral rolls are vulnerable to ransomware and what can be done about it. List...

    By Kara Frederick

View All Reports View All Articles & Multimedia