Week 7 Case Study

Cybersecurity’s Human Factor: Lessons from the Pentagon

This weeks case study examines an article from the Harvard Business Review concerning how to transition a business to have a security mindset. Specifically, how to implement security measures and practices across the whole of a business.

For this article the authors focused on how the U.S. military has been able to stream line its security and IT structure across all of its branches to decrease risk and improve overall security. The article highlights the path the military took to consolidate the different department level security offices into a single joint entitiy the U.S. Cyber Command.

The authors cite a 15% increase in “cyber-ready” status across the different branches as a result of this transition. The authors link this improvement to an organization wide refocusing on security practices. All military branches were given a new set of best practices that ensured that members were trained to a set standard. These guidelines also ensure that all memebers recieve the same training mandates and citifications across the branches.

For private businesses the article discusses methods and justifications for transitioning to a more security focused business stance. By making security a core value within the organization it helps to ensure that all employees are following best practices and minimizes the risk to the business.

The article repeatedly highlights that the human factor is the biggest risk a company has to manage. Adopting strategies to address why employees fail to maintain security should lead to few security breaches and less need for administrative action against employees.