Learning to be a Strategic Skeptic: Promoting Critical Thinking, Digital Literacy

  • By
  • Sep 16, 2024

Research from the National Skills coalition (NSC) suggests that 92% of today’s jobs require digital skills. It’s frankly hard to believe that figure isn’t at 100 percent. Businesses of all kinds are significantly impacted by applications that manage all sorts of transactions internally and externally. The capture, storage, and use of data is prolific across all industries—and subject to increased risk of unauthorized access and cybersecurity breaches.

Unfortunately, despite the unarguable need for critical thinking and digital literacy among today’s employees, research suggests that one-third of Americans lack basic digital skills. That statistic grows when considering more advanced skills that are required to protect company data and systems. When we say digital literacy, we mean skills for:

  • Data analytics and interpretation
  • Cybersecurity awareness
  • Digital communications
  • Technology management

Developing these talents has always been a challenge, particularly in an environment where misinformation and AI-generated content are proliferating. The ability to discern truth from mistruth (and misdirection) is more critical than ever, especially for business.

The Digital Disinformation Pandemic

Organizations today operate in an environment of digital disinformation that is blurring the line between fact and fiction. The rise of generative AI and sophisticated manipulation techniques applied by cybercriminals represent significant threats to brand reputation and revenues. As ongoing media reports attest, even the biggest and arguably most technology-savvy companies are not immune to these risks.

Strategic Skepticism: A New Core Competency

Strategic skepticism is the new core competency all organizations should be working to instill among employees. This isn’t just about fact-checking. It’s about developing a mindset that questions information received from all sources, that considers context, and that is alert to signs of mis- or disinformation.

Here are strategies to develop and implement critical thinking and digital literacy:

Integrate critical thinking into training programs:

Most organizations have data security and digital information training programs in place as part of their security initiatives. Hopefully, those efforts are ongoing and part of an overarching process to develop and sustain a healthy security culture. These programs should be evaluated to ensure that they include a focus on critical thinking skills, including:

  • Recognizing cognitive biases and understanding how they affect decision-making.
  • Understanding how misinformation is spread—what to look for and look out for.
  • Identifying emotional manipulation.

Create a culture of questioning:

“Believe nothing, question everything” may seem Machiavellian but, unfortunately, in this business environment, it’s a good foundational element of a skepticism strategy. Employees must even be skeptical of what may appear as internal communications.

In Hong Kong, for instance, a finance clerk was tricked into doling out $25 million after participating in a video call where the company CFO seemingly issued this directive. Unfortunately, the effort was a deepfake.

Making employees aware of these types of incidents can be a good way to illustrate the reality of these risks and to generate conversations in support of strategic skepticism. Some additional ways to encourage this type of skepticism include:

  • Rewarding and supporting thoughtful skepticism during meetings and discussions.
  • Instituting a formal “devil’s advocate” role in strategic discussions.
  • Sharing and celebrating examples of how strategic skepticism has paid off.

Develop protocols for verifying information:

Don’t leave the verification and vetting of critical information to chance. Create clear guidelines to help verify information before it’s used in business decisions or external communications. This might include:

  • Checklists for evaluating the credibility of sources.
  • Procedures for cross-referencing information through multiple sources.
  • Guidelines for using generative AI and AI-powered fact-checking tools.
The SIFT method (Stop, Investigate, Find better coverage, Trace claims to the original source) can also serve as a good framework for helping employees quickly evaluate the relevance and credibility of information. Incorporating this model into your organization’s information handling processes can be a great way to minimize the potential for risk.

Invest in AI literacy:

That old adage, “If you can’t beat them, join them,” could certainly apply to the proliferation of AI tools that represent both risk and potential. AI tools are not going away; in fact, many hold positive potential. Teaching employees how to use these tools appropriately and responsibly can be a great aid in building strategic skepticism among users. Develop guidelines and train employees on how to deploy these tools appropriately and share examples of how the use of these tools has aided in identifying and warding off risks.

Instill some fun:

Traditional methods of teaching IT and digital literacy are often fraught with jargon and approaches that have failed to engage participants. Cybersecurity education doesn’t have to be dry, boring, and off-putting. Consider ways to better engage employees by incorporating elements of gamification and competition into training events. For instance:

  • “Digital literacy challenges” that encourage employees and groups to compete against each other for prizes—or simply bragging rights.
  • “Spot the fake” contests using actual and AI-generated content to see if employees can discern differences.
  • Simulations of real-world misinformation examples.
  • Phishing challenges with debriefings to share successes and examples of how employees (and executives) may have been tripped up.

Learning from both successes and failures can be a great way to build an environment that supports trust and transparency. There are a variety of ways that you can support and develop strategic skepticism skills among employees in innovative and engaging ways. Making these efforts a part of your ongoing commitment to sustaining a strong security culture can help turn potential threats into a competitive advantage.

This article originally appeared in the September / October 2024 issue of Security Today.

Featured

  • Brivo, Eagle Eye Networks Merge

    Dean Drako, Chairman of Brivo, the leading global provider of cloud-native access control and smart space technologies, and Founder of Eagle Eye Networks, the global leader in cloud AI video surveillance, today announced the two companies will merge, creating the world’s largest AI cloud-native physical security company. The merged company will operate under the Brivo name and deliver a truly unified cloud-native security platform. Read Now

  • Security Industry Association Announces the 2026 Security Megatrends

    The Security Industry Association (SIA) has identified and forecasted the 2026 Security Megatrends, which form the basis of SIA’s signature annual Security Megatrends report defining the top 10 factors influencing both near- and long-term change in the global security industry. Read Now

  • The Future of Access Control: Cloud-Based Solutions for Safer Workplaces

    Access controls have revolutionized the way we protect our people, assets and operations. Gone are the days of cumbersome keychains and the security liabilities they introduced, but it’s a mistake to think that their evolution has reached its peak. Read Now

  • A Look at AI

    Large language models (LLMs) have taken the world by storm. Within months of OpenAI launching its AI chatbot, ChatGPT, it amassed more than 100 million users, making it the fastest-growing consumer application in history. Read Now

  • First, Do No Harm: Responsibly Applying Artificial Intelligence

    It was 2022 when early LLMs (Large Language Models) brought the term “AI” into mainstream public consciousness and since then, we’ve seen security corporations and integrators attempt to develop their solutions and sales pitches around the biggest tech boom of the 21st century. However, not all “artificial intelligence” is equally suitable for security applications, and it’s essential for end users to remain vigilant in understanding how their solutions are utilizing AI. Read Now

Most   Popular

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.