Speaker, podcaster, blogger on cyber security awareness and security culture. Founder of Click Armor the inclusive, gamified security awareness training and assessment platform.
Today's Live Cyber Security Awareness Forum panel session will discuss: "Statistics and insights from the 2024 IBM Cost of a Data Breach Report"
We'll explore questions related to security awareness training and human risk management programs.
Everyone is welcome...
https://us02web.zoom.us/webinar/register/2017254541175/WN_8yz1zP52SUevDift3PBLzw
We're excited to be starting our Live CSAF panel session shortly at 1pm EDT on:
Keeping your employees engaged with security concepts through microlearning.
Hope to see you there...
https://us02web.zoom.us/webinar/register/7217242585447/WN_rrOzTgeJSTa_IILrRq6vLA
Have you ever wished cyber security training could be done in smaller chunks that people could have a chance to process?
Join our live panel session Wed. at 1pm EDT on:
Keeping your employees engaged with security concepts through microlearning.
https://us02web.zoom.us/webinar/register/8317241896684/WN_rrOzTgeJSTa_IILrRq6vLA
Today, we're holding a live panel session on "Combatting fraud on employees and customers from cyberattacks" today at 1pm EDT.
Here's the link to the Zoom session page...
https://us02web.zoom.us/webinar/register/4817181913328/WN_2DiEhawkQ1e-6lojClqWdw
Today's Live Cyber Security Awareness Forum panel session is on "The problem of employees using FREE stuff from the Internet."
Everyone is welcome.
#csaf #cybersecurityawarenessforum
https://us02web.zoom.us/webinar/register/4117048890923/WN_aS5vJaPaRg-0CATjBcW07Q
Don't forget about today's Live Cyber Security Awareness Forum on "The top cyber security awareness stories of 2023"...
https://youtube.com/shorts/cLRDBGldCL4?si=Qf2Xh_mKCAr0ypdy
Register for today's session here:
https://us02web.zoom.us/webinar/register/9017024736763/WN_AG4QmRI8Rpa41D6TlwsRCA
hashtag#csaf hashtag#cybersecurityawarenessforum hashtag#securityawareness hashtag#securityculture hashtag#humanriskmanagement hashtag#networking
Join us today for our next Live Cyber Security Awareness Forum panel session on "Helping vulnerable populations with cyber security challenges" today at 1pm EST.
We all know people who are in demographics that are targeted, such as seniors, children, individuals in abusive relationships, etc.
How can security awareness programs help employees who are living in proximity to these threats?
https://us02web.zoom.us/webinar/register/7717012608362/WN_3_sizyXpR9-2gmqMtkyWdw
Working in cyber security can wear you down. Even if you love the work.
The results of your good work rarely show as a big red, flashing sign that says "You succeeded". Sometimes you wonder if anyone even notices.
But when you can speak to others who are facing the same issues in other organizations, you realize that the work you are doing is really important.
One day, you'll likely see a news story where another organization just like yours fell victim to an attack, and you realize that what you've done makes it less likely to happen in your organization.
That's when you understand the value of what you are contributing.
Come and join the Cyber Security Awareness Forum live panel discussion today, and hear from others in the security awareness industry who have dealt with similar challenges to the ones you're facing.
https://us02web.zoom.us/webinar/register/6017000567129/WN_638kBM5tTzaVM-_oCT3soA
#csaf #cybersecurityawarenessforum #securityawareness #securitymanagement #riskmanagement #humanriskmanagement
There are some well-known reasons why gamification is considered to be a good tool for cyber security training and awareness programs.
There are also some misconceptions about gamification that tend to lead people to dismiss the approach.
In today's live Cyber Security Awareness Forum panel discussion, we'll dig into "The pros and cons of gamification in a security awareness program"
Joing us at 1pm EDT today (Wednesday, November 1), and bring your questions or comments...
https://us02web.zoom.us/webinar/register/4316988555351/WN_FQ_uqVfESBazpD2HYNlcWA
#csaf #cybersecurityawarenessforum #gamification #securityawareness #securitymanagement #riskmanagement #securitytraining
Here are the stories in this week's Human Cyber Security Insights newsletter:
🎯 Why employees avoid awareness training
🎯 A high profile breach at Nansen may foreshadow new phishing attacks
🎯 Top security myths that all employees should know about
🎯 What should be in an annual security awareness program?
🎯 The risks from impersonating internal teams without their cooperation
https://www.linkedin.com/pulse/scotts-human-cyber-security-insights-october-03-2023-wright-cisa
#cybersecurity #securityawareness #humanriskmanagement #riskmanagement #securitymanagement #phishing
The plight of the Security Awareness Manager:
"I think the boss's decision is wrong, but the boss thinks my opinion is irrelevant"
We hear something like the above quote almost every week when speaking to security awareness managers.
It's because the authority structure in which the "security awareness" function must exist is challenging in many organizations.
Those who decide that the organization needs a security awareness program often have some pre-conceived ideas about what should be in them.
But many times, they also have no idea. It's just a checkbox that somebody needs to fill.
When it's done for compliance reasons, it's common for managers and executives forget that standards are there to provide a baseline for managing risks... the bare minimum.
So, when the responsibility for preparing a security awareness program plan is delegated, there isn't usually much useful guidance from, or collaboration with, senior management.
But those who are given this responsibility quickly learn that there are a lot of unexpected questions, variables, paradoxes, and dilemmas that arise when you are mixing technology and people.
Security Awareness Managers need to make sure that their insights are heard at the top.
The money spent on a compliance exercise can often produce a much higher ROI when you plan to implement the program in an intelligent way.
This means leveraging knowledge about the organization's unique attributes to tailor the program appropriately, with the right tools, KPIs and activities.
Otherwise, the compliance exercise will not only produce little to no return on what is spent, it will provide a false sense of security, and may even erode the corporate culture.
So, try to create a meaningful plan for your organization, and find a way to make sure your executives understand the opportunities for turning a cost center into an investment that improves proficiency of staff.
Over 225 security professionals have signed up for today's bi-weekly Cyber Security Awareness Forum.
Think of these sessions as: "The Best Part of Your Security Week"
Attendees love the casual atmosphere, the panel format and the variety of perspectives from CISOs and security awareness managers.
Why not join us today at 1pm EDT, to hear what other security professionals have to say about employee-related risks "beyond phishing links"?
https://us02web.zoom.us/webinar/register/5016940050066/WN_2F_JwTZCThKBK5L3aI4dfw
#csaf #cybersecurityawarenessforum #securityawareness #securityculture #securitymanagement #riskmanagement
Learn what really takes up security awareness managers' time in their jobs.
Join us for today's Live Cyber Security Awareness Forum panel session on:
"A day in the life of a security awareness manager (tasks and challenges)"
We have live audience Q&A with an industry expert panel, to share insights and lessons learned about managing security awareness programs.
https://us02web.zoom.us/webinar/register/7716927883621/WN_FuV5x9lyTj-8RfHItu0cVw
#csaf #cybersecurityawarenessforum #securityculture #securitymanagement #riskmanagement
This week my Human Cyber Security Insights newsletter includes:
âž¡ Using interactivity to engage employees in security awareness
âž¡ Senior care service "Discovery at Home" phishing breach story
âž¡ Getting employees to understand "Why" they need security awareness
âž¡ Recording of Live CSAF session on "Carrots and sticks: Motivating employees in security awareness programs"
âž¡ Rottenphish: When employees learn to spot the test instead of real threats
https://www.linkedin.com/pulse/scotts-human-cyber-security-insights-august-16-2023-wright-cisa/
How do you motivate employees to engage in training and other awareness activities?
Today's Live CSAF panel session will be focused on "Carrots and sticks: Motivating employees in security awareness programs"
https://us02web.zoom.us/webinar/register/5616915853829/WN_-H8Jmx_JTC2zRxpbXY3M4A
Sorry, the link to the newsletter is here:
https://www.linkedin.com/pulse/scotts-human-cyber-security-insights-july-26-2023-scott-wright-cisa
Today's issue of the Human Cyber Security Insights newsletter is now out:
https://us02web.zoom.us/webinar/register/8216903721224/WN_poIXI1T7Q9-EcH81D5Z7WQ
and it covers:
- Using graphical context for security awareness training
- A college data breach caused by a supplier's application software vulnerability
- Reminder tips for remote work security
- Another #rottenphish phishing simulation tip
- Today's Live CSAF panel discussion on using timely news stories and anecdotes for security awareness
Today's issue of the Human Cyber Security Insights newsletter is now out:
https://us02web.zoom.us/webinar/register/8216903721224/WN_poIXI1T7Q9-EcH81D5Z7WQ
and it covers:
- Using graphical context for security awareness training
- A college data breach caused by a supplier's application software vulnerability
- Reminder tips for remote work security
- Another #rottenphish phishing simulation tip
- Today's Live CSAF panel discussion on using timely news stories and anecdotes for security awareness
If your organization has stories to share about how role-based security awareness is making a difference, others want to hear about it.
Too often, organizations miss the opportunity to provide quality security training to staff who have a common risk environment.
Attackers are focusing on roles now, so they can create more compelling pretexts for social engineering.
Soon, it won't be just gift card scams. There will be attacks targeting people like software librarians that give source code access to privileged access to remote attackers.
What ignored roles do you see that can receive value from more focused security training?
Join our live Cyber Security Awareness Forum today at 1pm EDT, where you can hear from an expert panel and learn from live audience Q&A.
https://us02web.zoom.us/webinar/register/4716891587055/WN_pPRjbM7OSJSvSKnOGgxPFQ
#csaf #cybersecurityawarenessforum #securitytraining #securityawareness #riskmanagement #securitymanagement #instructionaldesign
The latest Human Cyber Security Insights newsletter has stories on:
- Human risk management
- A UPS breach notification on tracking tools
- Remediating employee vulnerabilities (Live CSAF Recording)
- #rottenphish phishing test tips
...and more.
https://www.linkedin.com/pulse/scotts-human-cyber-security-insights-july-9-2023-scott-wright-cisa