November 24, 2017

More Training Won’t Reduce Your Cyber Risk

By: Michael Sulmeyer and Mari Dugas

How many times have you had to watch your company’s latest cybersecurity training video? An entire industry now exists to train us humans to be smarter in how we operate computers, and yet the number of cybersecurity incidents continues to rise. Are the hackers always one step ahead? Are we impossible to train? Or are we being taught the wrong lessons?

The human is indeed the weakest link in cybersecurity. But all too often organizations’ approach to mitigating that risk — other than taking the wise step of ensuring that they have the state-of-the art technological protection in place — is more training. It won’t suffice.

The U.S. armed forces and security agencies are a case in point. Should the military train its soldiers, sailors, generals, and admirals so they are less of a weak link for cybersecurity, as Admiral Sandy Winnefeld, the former vice chairman of the U.S. Joint Chiefs of Staff, advises? Sure. Should the National Security Agency (NSA) do the same for its employees to keep secrets secret, as the New York Times indicates has been a challenge? Obviously.

Read the full commentary in the Harvard Business Review.

More from CNAS

  • Commentary
    • Foreign Affairs
    • July 29, 2020
    Can China’s Military Win the Tech War?

    The United States and its allies should take seriously Beijing’s efforts to militarize China’s technological base....

    By Anja Manuel & Kathleen Hicks

    • Transcript
    • May 20, 2020
    Transcript from Emerging Concepts in Joint Command and Control

    On Wednesday, May 20, 2020, the CNAS Technology and National Security Program hosted a virtual panel discussion on emerging concepts in joint command and control featuring Hon...

    By Robert O. Work, Chris Dougherty & Paul Scharre

  • Commentary
    • Space News
    • May 13, 2020
    What the government should or should not do to help space industry

    The COVID-19 economic slowdown will have lasting implications on the new space sector. Yet the United States cannot afford another lost decade of commercial space innovation. ...

    By Mikhail Grinberg

  • Commentary
    • The Washington Examiner
    • April 5, 2020
    Time for the US to declare independence from China

    Americans now know they can’t rely on China or even our allies to produce the goods we need during a pandemic. That’s why it’s time for the United States government to do what...

    By Anthony Vinci & Dr. Nadia Schadlow

View All Reports View All Articles & Multimedia