You (WE) Are the Weakest Link

Having had the pleasure of watching the television show ”The Weakest Link,” I was always taken aback when the host would so crudely point out to contestants they were the weakest link. The curtness of the delivery caused an involuntary reaction because no one talks like that—do they? Should they?

When it comes to the world of cybersecurity, it’s a message that truly resonates when we read that statistically more than 80 percent of all breaches result from the human in the loop. Simply clicking on links in phishing emails continues to be the nemesis of chief information security officers across government and industry. Many articles of late poked fun at the fact that in testing driverless cars, accidents were more prone to happen when humans took control.

We are spending millions upon millions of dollars for the latest and greatest technologies, and we still see the most number of penetrations caused from simple errors in judgment. Many companies have incorporated cyber awareness training into annual curricula, but we humans continue to click away. What changes must we incorporate into our cybertraining to reduce the successful attacks on our networks?

While we recognize how important training is to our user population, the question is, do we increase the frequency and evolve the content of our cyber awareness training, or do we merely adopt the television show’s tactic of reminding every computer user that they are the weakest link? Training has the power to change the human from the weakest link to the “human as the sensor.” Think of the power we could harness and bring to bear against this adversary with millions upon millions of well-tuned sensors.

Tim McMillan is a director with Siemens Government Technologies Incorporated.