Presented at
CarolinaCon 13 (2017),
May 21, 2017, 2 p.m.
(60 minutes).
This talk is part of an open source project I'm heading up called The Human Security Assurance Maturity Model or HumanSAMM for short. This is the first in talks about methodologies designed to address the human problem. This first talk focuses on common mistakes made in deploying security awareness programs and tips on how to increase effectiveness and efficiency. These methodologies have been effective in the real world to drive user risk well below 1%
Presenters:
-
Joshua Crumbaugh / Naga
as Joshua Crumbaugh
Joshua Crumbaugh is the founder of PeopleSec and experienced penetration tester with an impressive background performing high end security assessments against high profile targets. He is also an expert social engineer who has talked his way into bank vaults, fortune 500 data centers, corporate offices, restricted areas of casinos and more. His experiences highlighted a significant need for a better "human solution" -- This led him identify key mistakes commonly made in security awareness training programs and answer the question of how "patch stupid".
Links: