Shifting to security awareness 2.0
Jason Hoenich explores the risks related to delivering poor awareness programs rather than adapting to changing needs and demands of the attack surface and learning behaviors of humans. Incorporating the key fundamental behavioral psychology nodes for establishing true culture change, and making the experience of the end user will move our programs to Security Awareness 2.0.
| Talk Title | Shifting to security awareness 2.0 |
| Speakers | Jason Hoenich (Habitu8) |
| Conference | O’Reilly Security Conference |
| Conf Tag | Build better defenses |
| Location | New York, New York |
| Date | October 30-November 1, 2017 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Security awareness programs have been following a consistent template for several years. The problem is time and time again hacks are the result of simple human error. We can keep doing the same thing and get the same results, or we can move into the next generation of security awareness programs. Jason Hoenich explores the risks related to delivering poor awareness programs rather than adapting to changing needs and demands of the attack surface and learning behaviors of humans. Security awareness 2.0 focuses on making the end-user experience the focus of efforts when designing a program plan—assessing the culture, customizing learning specific to your audience, creating engaging programs and events, and designing everything around metrics that tell an accurate story. All of this results in greater efficiency and strength for your incident response teams. When users know how to report, what to report, and when to report, it allows IR teams to extend throughout the network.
