• United States



Too Much Government Training?

Mar 14, 20083 mins
CareersIdentity Management SolutionsIT Leadership

 The conventional wisdom is that government security culture at all levels suffers from a lack of training. But leaving the quality, timeliness and relevance of specific courses aside for a minute, is it possible that the real problem is too much training? Some say yes, but I doubt it.

This topic came up in response to a Federal Computer Week article regarding Partnership for Public Service creates leadership institute for innovation”


Here’s an excerpt: “The last thing government employees need is more time in a classroom. Where does it end? I swear that between training, conferences, meeting and their generous vacation, federal employees are present for their actual jobs about 50 percent of the year max. They are the most “trained” body of people on the planet? Does it help or hurt, really? 

Of course, the comment came from that ever so popular expert “Anonymous.”

This blog got me rethinking about training, so I searched around for more evidence. As I suspected, other surveys say the opposite. A Brookings Institute report entitled: “Federal Employees – “Give us a Chance to Do Our Jobs”  reported that federal employees don’t have the required tools – including training – to do their jobs as they would like.

The report also said this about public sector life , “Federal employees also say they contribute to their agency’s mission, and half characterize their organizations as very good at helping people. The majority also say that the people they work with are open to new ideas, willing to help other employees learn new skills, and are concerned about their organization’s mission.

Unfortunately, these positive views are tainted by persistent perceptions among the workers that the federal government does not give its employees the tools to do their jobs well. Substantial minorities say their organizations do not have enough access to information, technological equipment, and training, and a majority believes their organizations do not have enough employees to do its job well.”

In my opinion, most state and local government organizations require more, not less, training.

Of course, the real issue is the relevance and effectivness of the training received. In tough budget times, training and conferences are the first thing to go in state governments – where we need a balanced budget every year by law. I don’t know of any government organizations that train as well as Hewlett Packard – who have detailed metrics to ensure that extensive training always happens.

While there are entire books and websites on training, there is no doubt that security training competes with many other types of government training. A very different set of questions could be asked about cyber security training and/or technology training. But my main point is that I believe wider views on government training need to be understood and analyzed before security training will be effective in the long run in large organizations.

The Brookings report also stated:  

“Asked what might explain the level of poor performance, federal employees and managers are not particularly forgiving toward either their organizations or the poor performers. Only 16 percent say the poor performers do not have the training to do their jobs well. A little more than 30 percent say the poor performers are simply not qualified for their jobs, and 37 percent say their organizations do not ask enough of those employees.”

There are certain problems that more training will definitely not fix.


Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist and author. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan State Government. Dan was named: "CSO of the Year," "Public Official of the Year," and a Computerworld "Premier 100 IT Leader." Dan is the co-author of the Wiley book, “Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing and Recovering From Inevitable Business Disruptions.” Dan Lohrmann joined Presidio in November 2021 as an advisory CISO supporting mainly public sector clients. He formerly served as the Chief Strategist and Chief Security Officer for Security Mentor, Inc. Dan started his career at the National Security Agency (NSA). He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US / UK military facility. Lohrmann is on the advisory board for four university information assurance (IA) programs, including Norwich University, University of Detroit Mercy (UDM), Valparaiso University and Walsh College. Earlier in his career he authored two books - Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The Guide to Bring Your Own Device to Work. Mr. Lohrmann holds a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.

More from this author