CISO Summit No. 4: Next Generation Awareness
02 Jun, 12:00
Effective Awareness proven through Evidence and Metrics
Keynote: Next generation security awareness
Speaker: David Lacey
In a hyper-connected world there are no secure boundaries. Physical and technical measures alone will not guarantee security. Professional attacks penetrate enterprises through mistakes by users who can be persuaded to click on infected web pages or email attachments. The only solution is continuous education and reminders on the nature of the risks to users and their own security responsibilities. It is not an exact science, and it demands knowledge, skills and artifacts which are not adequately addressed in computer science courses. This presentation examines the state of the art in security awareness and the techniques needed to achieve the maximum impact on users.
David Lacey has more than 25 years' professional experience in directing security for leading enterprises such as Shell, Royal Mail and the British Foreign & Commonwealth Office. He is now a freelance researcher, writer and consultant, as well as a keen innovator who has developed many contemporary standards and ideas, including the original text behind ISO 27001. He founded the Jericho Forum, and developed the first fraud detection system based on the human immune system. David is the author of the books “Managing the Human Factor for Information Security”, “Managing Security in Outsourced and Off-shored Environments”, “Business Continuity Management for Small and Medium Sized Companies”, “Advanced Persistent Threats” and “A Practical Guide to the Payment Card Industry Data Security Standard”. He is a visiting senior research fellow of the University of Portsmouth, a member of IOActive's Strategic Advisory Board, and a member of the Infosecurity Europe “Hall of Fame”. He writes a security blog for Computer Weekly and has published many white papers and media articles.