More Training Is Not The Answer for Cybersecurity

Dateline: December 8, 2017

Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend.

Making our companies more cyber secure is a critical goal these days.  Since we know that employees are often the weakest link to a cybersecurity plan (in fact IBM estimates that 60% of all attacks are from the inside), managers often believe that more training is the answer.  But recently, Michael Sulmeyer and Mari Dugas, Harvard researchers from the Belfer Center at the Kennedy School,  published a thoughtful blog at Harvard Business Review suggesting that more training won’t work.  Their article, More Training Won’t Reduce Your Cyber Risk, suggests,

The human is indeed the weakest link in cybersecurity. But all too often organizations’ approach to mitigating that risk — other than taking the wise step of ensuring that they have the state-of-the art technological protection in place — is more training. It won’t suffice.

The article suggests some pretty strict policies and practices that help others minimize the human side of cybersecurity.

Other than training, what can your organization do to minimize the risk of human error?

That’s a WRAP!  Have a great weekend!

Speak Your Mind