Analysis & Opinions - Harvard Business Review
More Training Won't Reduce Your Cyber Risk
Summary
Except for senior managers, who all too often skip training or don’t take it seriously themselves, the way to reduce cyber risks is not more training; it is to not trust humans in the first place. There are simply too many chances for us to accidentally hurt ourselves or the networks on which we operate regardless of how much training we receive. What we need to do is to help users and customers keep themselves and their households and organizations out of trouble. This article discusses several measures that will make a company and its users more secure, regardless of whether or not they receive more training.
Want to Read More?
The full text of this publication is available via the original publication source.
For more information on this publication:
Belfer Communications Office
For Academic Citation:
Sulmeyer, Michael and Mari Dugas.“More Training Won't Reduce Your Cyber Risk.” Harvard Business Review, November 24, 2017.
The Authors
Michael Sulmeyer
- Former Director, Cyber Security Project
Mari Dugas
- Former Project Coordinator, Cyber Project, China Cyber Policy Initiative, and Defending Digital Democracy Project
- Recommended
- In the Spotlight
- Most Viewed
Recommended
Analysis & Opinions
- Lawfare
Backdoor in XZ Utils That Almost Happened
Analysis & Opinions
- Lawfare
Building a Cyber Insurance Backstop Is Harder Than It Sounds
Analysis & Opinions
- cyberscoop
CFPB’s Proposed Data Rules Would Improve Security, Privacy and Competition
In the Spotlight
Most Viewed
Analysis & Opinions
- Foreign Policy
America Fueled the Fire in the Middle East
Analysis & Opinions
- Bulletin of the Atomic Scientists
The Enormous Risks and Uncertain Benefits of an Israeli Strike Against Iran's Nuclear Facilities
Policy Brief
- Belfer Center for Science and International Affairs, Harvard Kennedy School
Nuclear Terrorism Fact Sheet
Summary
Except for senior managers, who all too often skip training or don’t take it seriously themselves, the way to reduce cyber risks is not more training; it is to not trust humans in the first place. There are simply too many chances for us to accidentally hurt ourselves or the networks on which we operate regardless of how much training we receive. What we need to do is to help users and customers keep themselves and their households and organizations out of trouble. This article discusses several measures that will make a company and its users more secure, regardless of whether or not they receive more training.
Want to Read More?
The full text of this publication is available via the original publication source.The Authors
Michael Sulmeyer
- Former Director, Cyber Security Project
Mari Dugas
- Former Project Coordinator, Cyber Project, China Cyber Policy Initiative, and Defending Digital Democracy Project
- Recommended
- In the Spotlight
- Most Viewed
Recommended
Analysis & Opinions - Lawfare
Backdoor in XZ Utils That Almost Happened
Analysis & Opinions - Lawfare
Building a Cyber Insurance Backstop Is Harder Than It Sounds
Analysis & Opinions - cyberscoop
CFPB’s Proposed Data Rules Would Improve Security, Privacy and Competition
In the Spotlight
Most Viewed
Analysis & Opinions - Foreign Policy
America Fueled the Fire in the Middle East
Analysis & Opinions - Bulletin of the Atomic Scientists
The Enormous Risks and Uncertain Benefits of an Israeli Strike Against Iran's Nuclear Facilities
Policy Brief - Belfer Center for Science and International Affairs, Harvard Kennedy School
Nuclear Terrorism Fact Sheet
