'Humans, right?' Soft skills and security

Presented at BSides Austin 2017, May 5, 2017, 2 p.m. (60 minutes)

Let's face it: humans ruin everything. They are almost always the weak link in the information security chain, between their susceptibility to social engineering, rejection of security threats, and sheer laziness. You can make the best security tool in the business, but if a human doesn't use it right, well, they might as well leave their passwords on a sticky note on their-- wait a minute. Yes, humans suck at information security. But we don't make it easy. Infosec is incredibly inaccessible to your average user. Just ask me: I am one. We can't change humans (or get rid of them, no matter how much we might want to), but we can change information security. We can leverage insights from non-technical disciplines such as cognitive science, human-centered design, strategic communications, and psychology. Or we can keep hitting our heads against our desktops. Help me help you help us: because security won't work until it works for everyone.

Presenters:

• Ariel Robinson
  Ariel Robinson is a writer and analyst in Washington, D.C. Her academic background is in cognitive science and linguistics, and her career has centered around defense, national security, and technology. Ariel is a communications specialist, and translates for subject matter experts across disciplines, using pictures and small words to solve big challenges.

Links:

• https://bsidesaustin2017.sched.com/event/AP29/humans-right-soft-skills-and-security

Similar Presentations:

• Diana Initiative 2020 Virtual / Empathy as a Service to Create a Culture of Security Keynote
• BruCON 0x08 (2016) / Security through design - Making security better by designing for people
• Black Hat USA 2016 / Security Through Design - Making Security Better by Designing for People