Isn’t it about time the cybersecurity industry shifts towards positive reinforcement cybersecurity training?
We must consider that there might be better ways to change cybersecurity behaviors than threatening or boring the workers?
In the end, do we want them to be afraid and belittled, or do we want them to become savvy and advocates of good security practices?
Cybersecurity leaders should move away from being perceived as heavy-handed enforcers and evolve to a position of business partners that enable success.
What do you think?