Why we need a seventh sense for Cybersecurity
Navigating the digital world needs capacity building to securely navigate cyberspace and it needs modern approaches to learning. Above all, the approach needs to be deeply user-centric and foster their individual anticipatory skills. In short: we need to create a seventh sense for Cybersecurity.
Imagine the only way to drive a car for the first time, would be to buy one and start driving. No training, no test whatsoever. Just enter and go. Imagine it would be commonplace to require professionals to drive not only cars but trucks for their work. Again, no specific training let alone a certificate required.
What sounds unimaginable today, was the status quo at the beginning of the 20th century in the US - just shortly after the car was invented. With more and more vehicles being put on the road, road safety became a serious issue and deaths tolled. There were many discussions on how to mitigate this situation - calling for stricter rules or technical solutions like straighter roads. There was one man however, who found a solution: Amos Earl Neyhart. He deeply believed it needed more attention to the human side of things. The driver. Consequently, he established the first course in driver education at State College High School in 1932 and taught the first teacher-preparation course in driver education four years later. Today it is widely accepted and even a legal prerequisite that you need drivers training before you may partake in traffic.
The digital world needs capacity building
In digital traffic, it seems, we are yet to apply that same logic. Navigating the digital world needs capacity building for how to securely navigate cyberspace. Yet, while literally no day goes by without another data breach, education in Cybersecurity still falls short of what would be needed in this situation. Why do we all use computers, smartphones and many other devices - at home and at work - with little training whatsoever. I think a good understanding of navigating in cyberspace should be a prerequisite.
Importance of anticipatory skills
Just extending training to more people and widening the audience is not enough though. I am convinced we also need to advance how we teach. And again, looking at traffic education provides good inspiration. In this case it is a German initiative which provides good example. In the 60ies, it became clear to German thought leaders that appealing to road users’ manners and teaching traffic rules was not enough. They increasingly saw traffic as a highly dynamic system in flux. This system required “a high degree of elastic adaptation” from its users, as one expert put it. The practitioners in the field of road safety translated these thoughts into the catchword “Verkehrssinn” - subconsciousness control for navigating traffic. They started to reflect upon what they called a “Siebter Sinn (seventh sense).”
A good driver, they claimed, does not need to think about how to behave properly on the road – he simply does. Therefore, traffic education should stop teaching predefined codes of conduct and stop insisting on compliance at any rate. Rather, traffic education increasingly relied on conveying attitudes, building ‘anticipatory skills’ and fostering a positive ethos of drivers having exactly these skills. Over the course of a few decades, the seventh sense manifested itself as an idea and even became an export success to many other countries.
A seventh sense for Cybersecurity
For Cybersecurity we need to work by the same paradigm and center again on the ‘human factor’. We need to focus on the anticipatory skills need in adverse situations, building the capacity for people to subconsciously react correctly to unexpected situations. This notion of self-control, I call the seventh sense for Cybersecurity. The seventh sense for Cybersecurity will in turn also create the positive attitude and the efficacy among the users that in turn will generate a change in behavior – towards more cybersecure navigation and actions in digital traffic.
To get there, a row of activities and measures are needed. These reach from transparency for Cyberrisk to opportunity-based learning experiences to active community building around the topic of Cybersecurity. Through the Charter of Trust and our call for more Cybersecurity Education, we are fostering exactly these approaches – not only among the partners but also through privat-public exchange with the relevant authorities. Another route in this direction at Siemens is the learning programme of “Growing your business with Cybersecurity” which just has been launched internally.
In sum, it is clear to me: We have to adapt cybersecurity education if we want people to adapt. We need a sevenths sense for cybersecurity.
This article was first published on linkedin: https://www.linkedin.com/pulse/why-we-need-seventh-sense-cybersecurity-kai-hermsen/