Stop, Drop, and Roll: How to Create Easy, Relatable, & Retainable Security Awareness Programs

Abstract:

At a very young age, we are taught that if we ever catch fire, to STOP! DROP! and… ROLL!
But how many times have you caught on fire?  I would venture to say zero.  The odds of us having our data stolen, impersonated or hacked are far likely, yet we make training and awareness so difficult…nothing like “Stop, Drop, & Roll”!

My approach for security awareness is similar as I make it easy, relatable, and retainable.  By incorporating senses into the security program, I have developed a true layered approach.  And by making it easy, folks are more likely to become the “CISO at home” where they teach their family and friends.  It allows for memory retention and security becomes second nature.  This is where behavior truly is changed.  This is what winning looks like in the security awareness world and reduces human risk.

Importance: IT and OT professionals who eat, sleep, and breathe security, complicate things for the average learner.  If we expect non-security people to understand and implement secure practices, we have to make it easy and retainable.  This talk is intended for anyone who:
* Manages a Security Awareness Program
* Manages Human Risk
* Needs to create a security program within their workforce
* Is looking to mature their existing security program
* Is looking for fresh ideas to revive their security program
* Is a caretaker looking for ways to teach security to their parents/children
* Wants to network with someone who eats, sleeps, and breathes security awareness!