Welcome to the Re-Thinking the Human Factor podcast. It’s a podcast for information security professionals, where we will be asking our guests to share thoughts and insights on security awareness, behaviour and culture.
Our guests come, predominately, from outside of the security industry. They all specialise in elements of awareness, behaviour and culture, or they have effectively tackled similar challenges, in their own industry or careers. The one thing that unites them all is their willingness to share their experience in the hope it might give our audience food for thought.
Embracing Diverse Skills When Building an Effective Education and Awareness Team.
When I first got involved in “information security” 20+ years ago, I found myself almost entirely surrounded by industry peers whose training and experience was in technology or technology disciplines. My training in law, marketing and finance, and my experience in business development, marketing, recruitment and even a stint in purchasing and supplies all seemed out of line with the world of IT security as it was called back then.
As I came to understand, during my own research in human behaviour and culture, my lack of an education in technology meant I was culturally and even physically wired differently. This meant I looked at things through a different set of lenses. The result, was an approach that we would now call governance, risk and compliance. However, it was these very human disciplines, which led me to fundamentally think differently when it came to kicking off the Re-thinking the Human Factor research programme.
Our guest Lana McGill, to me, enshrines the change in direction of an increasing number of forward thinking security professionals looking for a more mature approach to employee awareness, behaviour and culture. Lana believes that by diversifying their search for skills and experience, outside of the traditional industry expectations, you can bring new insights and energy to the challenge of influencing employee behaviour and culture. Her role as a senior information security leader, in the finance sector, and her willingness to embrace other skills and experiences in the search for more effective interventions, gives hope that the industry inertia, when it comes to the human factor, may finally be shifting.
©Copyright Marmalade Box Limited
The content of this podcast is the property of Marmalade Box Limited. Any use of the content of the podcast, either in full or partially, will be considered an infringement of Marmalade Box Limited rights as sole owners of this content. Any enquiries about the use of this content should be directed to Marmalade Box Limited. Contact information can be found at www.marmaladebox.com .
The Science Behind Metrics
Finding relevent metrics, for security awareness, behaviour and culture has been a long standing challenge which the information security industry has struggled hard to address.
Now, when I reflect on how I personally tackled metrics, around the human factor, before I kicked off my research programme here at Re-thinking the Human Factor, I recognise I had an in-mature approach. That approach focused on what data I knew I could get rather than what was useful. Some industry folks called this "vanity metrics." That's all changed now, and that change started off, with getting back to basics by looking at what the science of measurement had to say.
In this episode our guest and I talk about the sceince of measurement, how it is has evolved to enable human kind to progress at every stage of human evolution and how this knowledge might shine a light on the challenge of finding effective metrics when it comes to employee awareness, behaviour and culture.
If you want to know more about how we have used this and other insights into metrics to support information security professionals measure the effectiveness of their programmes to influence security awareness, behaviour and culture then visit www.re-thinkingthehumanfactor.com and register for the monthly webinar.
Insights from Educational Psychology for Information Security Professionals
Educating employees on their roles and responsilities when it comes to information security and data protection, is common sense, and, even if you don't think that's the case, it is, without a doubt, a regulatory obligation for many. So, what is "education" and what is going on in the world of learning and development which might help us to re-think the human factor?
In this episode our guest, Teisa Marshik, a respected educational psychologist and passionate educator, shares how her's and her colleagues approach to educating learners is changing. We cover everything from how the effectiveness and success of education is measured, through to how advances in our understanding of human behaviour and culture, mean we now recognise that students are consuming and responding to education content based on their own life experiences and situations and what this means for traditional best practices in L&D.
Understanding the forces at play.
Our guest, is Dr. Ben Evans. Ben is an aeronautical engineer, and he’s applying his understanding of the forces at play, to the seemingly insurmountable challenge of conquering the breaking a world record at the Bloodhound Land Speed Project.
Ben talks about the laws of science and engineering which help him to find the marginal opportunities for improvement which are helping the team towards breaking the world record. But, in this interview, it’s also clear to me, that success is a matter of teamwork often with colleagues with different and sometimes conflicting priorities.
Understanding the forces at play includes understanding science and nature, even when it comes to human awareness, behaviour and culture, but it’s also about understanding the forces at play across stakeholders, where often conflicting priorities and interests can arise. Getting the “Team” aspect right, you could argue is as important as the science which drives decision its self.
The human factor. A view from Brazil.
In this episode we look through the eyes and experiences of an education and awareness manager from Brazil. We explore the consistent challenges, no matter where you are or what your culture is, when it comes to employee awareness, behaviour and culture.
Thoughts from the world of branding.
In this episode we delve into the world of branding with the out standing Geraldine Michel and explore possibilities for security professionals responsible for the human factor.
We draw on lessons from the world of fashion, by skirting through branding and how Brand Directors and Managers utilise this mammoth of the modern day commercial world to shape and influence behaviour and culture.