DiscoverReimagining Cyber - real world perspectives on cybersecurityShock, Punish, Repeat: How Not to Train Humans for Cyber Risk - Ep 154
Shock, Punish, Repeat: How Not to Train Humans for Cyber Risk - Ep 154

Shock, Punish, Repeat: How Not to Train Humans for Cyber Risk - Ep 154

Update: 2025-06-18
Share

Description

What if everything we’ve been doing in cybersecurity awareness training is not just outdated — but harmful?

In this episode of Reimagining Cyber, Rob Aragao, Chief Security Strategist at OpenText, talks with Craig Taylor, co-founder and CISO at CyberHoot,  who makes a bold claim: punishment-based training is not only ineffective — it’s counterproductive. Drawing from his background in psychology and years of cybersecurity leadership, Craig explains why we need to ditch outdated tactics and embrace positive reinforcement to reduce human risk.

From the failure of fake phishing tests to real-world results from forward-thinking organizations, Craig reveals a smarter, more human-centered way to train. If you're tired of scare tactics and want a strategy that actually builds cyber resilience, this episode is your wake-up call.

Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com

As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70
Chief Information Security Officer CISO Podcasts
rankings.



Comments 
loading
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Shock, Punish, Repeat: How Not to Train Humans for Cyber Risk - Ep 154

Shock, Punish, Repeat: How Not to Train Humans for Cyber Risk - Ep 154

Reimagining Cyber