Surfing the Motivation Wave to Create Security Behavior Change

Presented at BSidesSF 2019, March 4, 2019, 11:45 a.m. (30 minutes).

For decades security awareness programs have been based on the assumption that employees don't know the correct course of action and with the right training, they will start performing more securely. However, this approach has not proven to be effective. A second dimension needs to be considered in security behavior change: motivation. This talk will explore how and when to motivate employees to security action. It will also discuss how to "surf" motivation generated by both predictable and unpredictable security events to drive security behavior change in a workforce. Finally, this talk will explain how to measure changes in employees' security behaviors and how practitioners can create meaningful metrics.


Presenters:

  • Masha Sedova - Elevate Security
    Masha Sedova is an industry-recognized people-security expert, speaker, and trainer focused on engaging people to be key elements of secure organizations. She is the co-founder of Elevate Security delivering the first people-centric security platform that leverages behavioral-science to transform employees into security superhumans. Before Elevate, Masha Sedova was a security executive at Salesforce where she built and led the security engagement team focused on improving the security mindset of employees, partners, and customers. In addition, Masha has been a member of the Board of Directors for the National Cyber Security Alliance and regular presenter at conferences such as Black-hat, RSA, ISSA, Enigma, and SANS.

Links:

Similar Presentations: