Practical Analysis of Awareness

Presented at Hackfest 2017, Nov. 3, 2017, 3:30 p.m. (Unknown duration)

Many organizations today participate in some form of Security Awareness training. Whether it be something that is produced internally or supplied by a third-party vendor, the goals are very much the same: educate the end user to prevent becoming the next big breach news story. We all know the phrase ‘you can't patch humans', but what metrics can we use to see if our awareness efforts and methods are effective? Believe it or not, as Security Analysts, we have a lot of valuable information at our fingertips that can show us just how effective these programs are… and no, I'm not just talking about the results of your last phishing campaign.

Presenters:

• @4n6Kendra
  Kendra has over five years of experience in several areas of Information Security including user administration, security operations and compliance. She focuses primarily on Incident Response and user education. Kendra holds a Bachelor's degree in Digital Forensics and the CISSP certification. Kendra speaks regularly at Security related events and is an advocate for practicing proper security hygiene. In her free time she enjoys wine and memorizing movie lines.

Links:

• https://hackfest.ca/en/2017/speakers2017/#awareness
• https://infocon.org/cons/Hackfest/Hackfest 9 2017/Practical Analysis of Awareness (Kendra Coooley).mp4
• https://infocon.org/cons/Hackfest/Hackfest 9 2017/Practical Analysis of Awareness (Kendra Coooley).eng.srt (subtitles)
• https://www.youtube.com/watch?v=CHjH97VuYC8

Similar Presentations:

• Kernelcon 2023 / The Big Bang for Security Awareness
• DerbyCon 2.0 Reunion (2012) / It’s Not Your Perimeter, It’s You That Sucks!
• Wild West Hackin' Fest 2019 / Campfire Stories - 15 minutes each