I am super excited to announce that I will be teaching my course “building security culture as a defense” again this year during Blackhat in Las Vegas, along with the talented Marisa Fagan. Last year we had the opportunity to teach this class with stellar reviews (4.8/5 average score) and we are back to do it again.
This year, we are compacting the content into one action-packed day. We are hosting the course in a Caesars Palace suite with a cap on attendance size to drive more tailored discussions.
This will be a unique opportunity to learn how to build an effective security culture from leading experts and create community with similarly-minded practitioners. Don’t miss it!
As the technology industry races to create new technologies to thwart attacks and stay ahead of hackers, one of the biggest weakness remains employees themselves. Organizations with an innovative behavior-change approach have been able to transform their employees into key assets in defending their organization and continue to see increasingly promising results on phishing tests, trainings, and red team exercises.
This course will look at the multi-step approach innovative companies have taken to not only educate the company’s employees about security, but also to make them care and invested in their part of securing the company.
The steps included measuring key behaviors, expanding training with a Learning Management System, using gamification to reward employees, engaging high risk demographics with community building techniques, increasing training to developers with a Champions program, reviewing the internal communications plan, and rethinking the company mandated security awareness training. These are practices that can be incorporated into any organization.
This course will give students the tools to customize these concepts to fit the culture of their company and develop their roadmap to successfully contribute to the security of the company.
- Defining company security culture
- Measuring key behaviors and knowing your impact
- Expanding the role of training using advanced Learning Management Software
- Using gamification to reward employees and change behavior
- Building sustainable communities out of groups
- Identifying and recognizing Security Champions for key assets
- Reviewing the internal communications plan
- Rethinking the company mandated Security Awareness Training
WHO SHOULD TAKE THIS COURSE
Anyone who can benefit from understanding how to change behaviors in a company.
- A high level understanding of the Vision and Mission of the company
- A deep understanding of the behaviors and security risks caused by employees
WHAT STUDENTS SHOULD BRING
All materials will be provided. There will not be computer exercises, but an internet-enabled device for web browsing and note taking will be helpful (but not required.)
WHAT STUDENTS WILL BE PROVIDED WITH
Course materials and slides
Currently enrolled students: $200/pp