As security professionals, we see all the security mess-ups that end users do, whether intentional, or more often, inadvertently, that put our organizations and data at risk. In the past, we used terms like PEBCAK, which stands for Problem Exists Between the Chair and Keyboard which reinforces the old stance of blaming users for poor behavior and pointing fingers. It’s time we take control and take the blame and work harder to help users be the solution and not the problem. In this session we will look at borrowing from the playbooks of the marketing world, an industry that is well versed at creating memorable messages that result in desired behaviors by the message creators. We will also look at the playbooks of the behavior specialists to learn how to motivate adults and change behaviors to make our organizations more secure.
About Chrysa Freeman
Chrysa has been in corporate security for 15 years. She’s built security awareness programs from the ground up in various industries including retail, technology, and healthcare. Chrysa is currently senior manager of Security Awareness and Policy at Code42. She is passionate about presuming positive intent and helping users become security zealots. Chrysa enjoys sharing her knowledge on building world class security awareness programs. She has spoken at Secure360, the ISC2 Congress, The Wall Street Journal Cybersecurity Forum, WiCyS and the Minnesota Continuing Legal Education Conference. Chrysa received a Visionary Leadership Award at the 2018 Cyber Security Summit for her contributions in this field and writes various blogs on security awareness and security culture.