How to Patch Stupid - A modern approach to remediating user risk

Presented at CarolinaCon 13 (2017), May 21, 2017, 2 p.m. (60 minutes)

This talk is part of an open source project I'm heading up called The Human Security Assurance Maturity Model or HumanSAMM for short. This is the first in talks about methodologies designed to address the human problem. This first talk focuses on common mistakes made in deploying security awareness programs and tips on how to increase effectiveness and efficiency. These methodologies have been effective in the real world to drive user risk well below 1%

Presenters:

• Joshua Crumbaugh / Naga   as Joshua Crumbaugh
  Joshua Crumbaugh is the founder of PeopleSec and experienced penetration tester with an impressive background performing high end security assessments against high profile targets. He is also an expert social engineer who has talked his way into bank vaults, fortune 500 data centers, corporate offices, restricted areas of casinos and more. His experiences highlighted a significant need for a better "human solution" -- This led him identify key mistakes commonly made in security awareness training programs and answer the question of how "patch stupid".

Links:

• https://infocon.org/cons/CarolinaCon/CarolinaCon 13 2017/How to Patch Stupid - A modern approach to remediating user risk - Joshua Crumbaugh.mp4
• https://infocon.org/cons/CarolinaCon/CarolinaCon 13 2017/How to Patch Stupid - A modern approach to remediating user risk - Joshua Crumbaugh.srt (subtitles)
• https://www.youtube.com/watch?v=1wR6NjbiU-o