Key Learning Points
- Why it is so difficult to get employee engagement on security issues
- Why fear, uncertainty, and doubt are decimating your security message
- How to establish vision and mission to drive engagement and concepts for building an effective security team
Level Intermediate
Security leaders are under supreme pressure to build security programs that simultaneously protect the business without disabling it. However, the most daunting impediment to any security program is not technologies or regulations, but rather persuading employees to follow good security practices. As a security leader, how do you engage people to take security and risk management seriously?
The answer is security vision. People naturally protect and defend things they care about. An effective security program must look beyond policies and process, to build a foundation of purpose and meaning. It must connect people to the business and naturally promote care. When we ground a security program in an organizational vision, mission, and core values, we can better align to the business and cultivate employee engagement and care.
In this presentation, veteran security leader, as well as a CEO, Andrew Plato will discuss how to use security vision to improve the conversation with your team. We will discuss communication, leadership, and motivational strategies that inspire co-workers to embrace good security practices.
About Andrew Plato
In 1995 while working at Microsoft, Andrew executed the first known instance of a SQL Injection attack against an early e-commerce site. When he demonstrated this attack to the developers, they dismissed the issue as irrelevant. Intrigued, Andrew left Microsoft to found Anitian, an information security intelligence firm.
Today, Anitian is one of the most trusted names in security intelligence with clients worldwide. Anitian has a mission to Build Great Security Leaders. For the past 20 years, Andrew and Anitian have consistently executed on this mission with innovative, pragmatic answers to the most vexing security, compliance, and risk challenges.
Andrew’s career encompasses nearly every dimension of information security. He has participated in thousands of security projects, written hundreds of articles, and advised hundreds of C-level executives. Being a both a business owner and security practitioner allows Andrew to bring a unique perspective to any discussion regarding security, technology, and governance.
Andrew is well-known for delivering entertaining presentations that challenge conventional thinking and deliver practical answers to complex IT security challenges.
This session sponsored by Anitian.