Employees are an organization’s most valued asset. The engine of any business is only as successful as the mechanism driving it forward. The degree to which it maintains a highly skilled, as well as highly trained, workforce often defines this unique mechanism and dictates to a large extent its direction for fulfilling its potential goals for growth. But cursory concerns over data breaches and a lack of attention to cybersecurity initiatives stemming from an underestimation of the corporate threat landscape can be both costly and broadly consequential. So it is no surprise then that both the White House and Congressional lawmakers last June called on the private sector to “step up” their efforts to address corporate cybersecurity by examining any long-held resistance or hesitation toward shoring up defensive security and privacy programs.

Stepping Toward Employee Training

But before any organization can “step up,” it should first “step toward” a mindset that embraces strategic employee training in cyber awareness, incorporating actual scientific principles of psychology and behavior to engineer a higher success rate in fending off a cyber attack. Typical defensive game plans in cyber often conflate what is really a people issue with a technical one. A company’s most valued asset (its employees) can turn into its biggest legal liability (costs/enforcement) by ignoring the fundamental advantages of implementing scientifically targeted cyber awareness training. Using employee training specific to statistically patterned behavior points can have the effect of significantly reducing the probability of compromised systems from a cyber breach, or in some cases contain the point of entry to a fixed but defined area to mitigate overall damage.