Analysis & Opinions - Harvard Business Review
More Training Won't Reduce Your Cyber Risk
Summary
Except for senior managers, who all too often skip training or don’t take it seriously themselves, the way to reduce cyber risks is not more training; it is to not trust humans in the first place. There are simply too many chances for us to accidentally hurt ourselves or the networks on which we operate regardless of how much training we receive. What we need to do is to help users and customers keep themselves and their households and organizations out of trouble. This article discusses several measures that will make a company and its users more secure, regardless of whether or not they receive more training.
Want to Read More?
The full text of this publication is available via the original publication source.
For more information on this publication:
Belfer Communications Office
For Academic Citation:
Sulmeyer, Michael and Mari Dugas.“More Training Won't Reduce Your Cyber Risk.” Harvard Business Review, November 24, 2017.
The Authors
Michael Sulmeyer
- Former Director, Cyber Security Project
Mari Dugas
- Former Project Coordinator, Cyber Project, China Cyber Policy Initiative, and Defending Digital Democracy Project
- Recommended
- In the Spotlight
- Most Viewed
Recommended
Video
- SNF Agora Institute
Election 2020 — Securing the Vote
Audio
- Pioneer Institute
Ballot Question 1: Risks & Regulations Regarding Right to Repair
Magazine Article
- Economist
Digital Dominance: A new global ranking of cyber-power throws up some surprises
In the Spotlight
Most Viewed
Policy Brief
- Quarterly Journal: International Security
The Future of U.S. Nuclear Policy: The Case for No First Use
Discussion Paper
- Belfer Center for Science and International Affairs, Harvard Kennedy School
Why the United States Should Spread Democracy
Summary
Except for senior managers, who all too often skip training or don’t take it seriously themselves, the way to reduce cyber risks is not more training; it is to not trust humans in the first place. There are simply too many chances for us to accidentally hurt ourselves or the networks on which we operate regardless of how much training we receive. What we need to do is to help users and customers keep themselves and their households and organizations out of trouble. This article discusses several measures that will make a company and its users more secure, regardless of whether or not they receive more training.
Want to Read More?
The full text of this publication is available via the original publication source.The Authors
Michael Sulmeyer
- Former Director, Cyber Security Project
Mari Dugas
- Former Project Coordinator, Cyber Project, China Cyber Policy Initiative, and Defending Digital Democracy Project
- Recommended
- In the Spotlight
- Most Viewed
Recommended
Video - SNF Agora Institute
Election 2020 — Securing the Vote
Audio - Pioneer Institute
Ballot Question 1: Risks & Regulations Regarding Right to Repair
Magazine Article - Economist
Digital Dominance: A new global ranking of cyber-power throws up some surprises
In the Spotlight
Most Viewed
Policy Brief - Quarterly Journal: International Security
The Future of U.S. Nuclear Policy: The Case for No First Use
Discussion Paper - Belfer Center for Science and International Affairs, Harvard Kennedy School
Why the United States Should Spread Democracy
