Human-Centered Securit‪y‬ Voice+Code

Have you ever thought, why don’t people care about cybersecurity? For this episode, I wanted to take a different approach and learn from a branding expert who focuses on rallying people around a common purpose and activating behavior change. Laura Nespoli, founder of Meshin Movement, a brand strategy consultancy, helps us approach cybersecurity awareness from a different angle: encouraging behavior change by not only providing knowledge but rallying people around a common purpose.

One of the biggest obstacles in cybersecurity? Labeling people as the weakest link, says Dr. Margaret Cunningham, experimental psychologist and Principal Research Scientist for Human Behavior at Forcepoint’s X-Lab. She shares why this approach is unproductive, the role human factors plays in her research, as well as human performance, mistakes, and rulebreaking.

Brian Murphy, a security specialist at GreyCastle Security, talks about how we can help employees understand information security by using stories and analogies people already understand and connect with. This connection is the first step in encouraging the behavior change that fosters an organizational culture that then leads to better information security.

Dr. Nobles, a cybersecurity scientist and human factors practitioner, explains how other industries (aviation and medicine, for example) have leveraged the discipline of human factors to reduce human errors and how we should take a similar approach in cybersecurity.

Alexandra Panaretos, EY’s Americas Cybersecurity Lead for Secure Culture Activation, talks about the problem of being on autopilot and blindly trusting technology, the importance of establishing relationships between employees and the security team, and how effective security programs are built by understanding and designing for how people work.

Yan Grinshtein, head of design at HYPR, talks about passwordless security, the value of user research, and why administrators are "the forgotten side of usability."