You can buy better tools, but that alone won’t get you to perfect cyber security
You can buy better tools, but that alone won’t get you to perfect cyber security
Publish Date: 2026-05-08 13:38:00
Source Domain: federalnewsnetwork.com
Terry Gerton Cybersecurity is a big topic for us. We talk about it a lot. Our audience is really interested in it. We talk about typically cybersecurity tools, training, rules and regulations. And at the same time, though, we’re noticing that phishing and social engineering attacks are getting more sophisticated every year. Breaches continue to happen at every level of government. From your perspective there at Fors Marsh, What explains the gap between investment in technology for cybersecurity and outcomes?
Nicole Togno So I see this as, I think to answer honestly, I think perhaps we’ve been solving for the wrong problem. So agencies invest a lot in the tools and those tools are really good at managing systems. I think perhaps what they haven’t invested as much in is understanding the people operating inside those systems, right? People are complicated. We’re all very complicated beings, right. We are busy. We act under pressure more and more, right, as our work advances and technology infuses the way in which we work. And so we are called upon to make, you know, a zillion judgment calls throughout the course of a day. And attackers understand that, right? Phishing, really prominent, works not just because someone’s careless or they lack the competence. Those things work because it’s designed to exploit how humans actually process information, especially when they’re under stress. So when I look at why these kinds of breaches still happen, and I don’t see necessarily the technology gap, right? I’m coming at it from a different angle. I see how the gap really is an understanding, is in the way in which we understand human behavior.
]]
Terry Gerton What I hear you say is that no matter how much we invest, we’re never going to have a fail-safe technical solution to cybersecurity, that it’s a behavioral challenge. What does that mean for government leaders in a practical sense, when they’re thinking about their cyber risks?
Nicole…
