
Security Awareness: Securing the Human Layer

It’s common knowledge that humans are the leading cause of IT security incidents. Whether accidental or intentional, a human-centric root cause lies at the center of literally every security incident.

You can’t just eliminate all the humans, so security professionals are left to find reasonable measures to ensure that the human element of their organizations can act as a bulwark of security rather than as a catalyst for disaster. This is easier said than done and requires constant vigilance.

Human security is not a “one and done” effort. It’s an ongoing process often including automated security awareness training and simulated phishing. How do you make it happen? What steps can you take to get there? What are the real problems that need to be solved? Most importantly, do your employees really understand their critical role in protecting your organization?
Recorded Jul 30 2020 59 mins
Presented by
Roger Grimes, Scott Lowe
  • SecureWorld Panel: Cybercriminals at Work Recorded: Aug 11 2020 64 mins
    Roger Grimes (KnowBe4), Ashley Stephenson (Corero Networks), Colonel Cedric Leighton, Bruce Sussman (SecureWorld)
    Modern civilization has always been plagued by various classes of criminals. The advent of interconnected devices, allowing for portability of corporate secrets, has given rise to a completely different class of nefarious actors. Cybercriminals range from those bent on stealing your personal information to "cyber terrorists" who have the capability to inflict harm on a much wider scale. Uninhibited by current laws, they are very effective given the speeds of networks, lack of appropriate security controls, and the anonymous nature of the attacker. Making matters worse, the crime may be perpetrated by entities outside of the legal jurisdiction where the unlawful act took place.

    This panel discussion will explore the tools these criminals use, what can be done to prevent them, and how to safeguard your data.
  • Cyber Security: Employee Awareness in the New Normal Recorded: Aug 11 2020 48 mins
    Joanna Huisman, Lesley Charteris, Zsuzsanna Berenyi, Joe Tidy
    Phishing attacks are often seen as the most damaging and most common threat facing businesses. More people are now working from home, and for many this has become the new normal. As a result, employees have an increased risk of being targeted.

    The panel discussion will look at the current trends in cyber threats - from phishing, vishing and SMiShing - and the importance of employee awareness training and best practice.
  • Tech Corner with Roger Grimes and The Cyber Hub Podcast Recorded: Aug 11 2020 53 mins
    Roger Grimes (KnowBe4), James Azar (The Cyber Hub Podcast)
    In this episode we discuss data-driven decision making by cybersecurity practitioners and CISOs. What is the standard of data we need in order to make the right decision in cybersecurity? What data is important and what isn't, and how can we set a global standard?

    Roger Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is a 33-year computer security consultant, instructor, holder of dozens of computer certifications, and author of 12 books and over 1,000 magazine articles on computer security. He has spoken at many of the world’s biggest computer security conferences, been in Newsweek™ magazine, appeared on television, been interviewed for NPR’s All Things Considered™ and the Wall Street Journal, and been a guest on dozens of radio shows and podcasts.
  • Addressing the Challenge of Third-Party Vendor Risk: Securing Your Supply Chain Recorded: Aug 3 2020 59 mins
    James McQuiggan
    Your customer data, intellectual property, and financials are the lifeblood of your organization. If lost or leaked, there could be significant implications to the viability of your business. Maintaining control of that data, especially with third-party services, can be extremely challenging and requires that you ask the right questions and enforce stringent security policies.

    In an environment of increased outsourcing, cloud computing adoption, and regulatory requirements, how do you manage vendor risk and ensure you have a consistent evaluation life cycle?

    Join James McQuiggan, KnowBe4's Security Awareness Advocate, to get actionable steps you can use now to better manage your third-party vendor risk. You'll learn:

    - The importance of securing your organization's critical data
    - How to determine Supplier Security Proficiency
    - Why it’s important to understand the source of third-party products
    - The impact Vendor Questionnaires have on your Security Posture
    - How leveraging a GRC platform can ease the burden of risk assessments and audits
  • Security Awareness: Securing the Human Layer Recorded: Jul 30 2020 59 mins
    Roger Grimes, Scott Lowe
  • Combat the Fake News and Disinformation Being Used to Attack Your Organization Recorded: Jul 30 2020 61 mins
    Stu Sjouwerman (KnowBe4’s Founder and CEO), Perry Carpenter (KnowBe4’s Chief Evangelist and Strategy Officer)
    A global cold war is being fought in cyberspace, and IT pros like you are finding themselves in the trenches. With all of this going on, how can you equip your employees and protect your networks from a malicious attack?

    Join Stu Sjouwerman, KnowBe4’s Founder and CEO, and Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer for a deep dive into how the technology we rely on every day is being exploited to deliver powerful disinformation, misinformation, fake news, and other malicious exploits.

    We’ll discuss:

    - How both facts and lies are weaponized

    - Types of delivery systems (email, social media, videos, deep fakes, and more)

    - What’s being done to address these trends

    - Tips to protect your organization and build your human firewall
  • Why the Human Factor is Still the Most Important Part of IT Security Recorded: Jul 27 2020 61 mins
    Rosa Smothers (KnowBe4), Teri Takai (Center for Digital Government)
    Smart network security involves a mix of hardware and software solutions designed to safeguard your data. But there’s another key security factor that’s just as vital, and it’s one that’s frequently neglected by technologists: the human element. Understanding the human risk factor and the role it plays in creating network vulnerabilities is vital to ensuring that your systems and your data are safely protected.

    And it’s never been more important for state and local tech leaders to get it right. The shutdowns and economic turmoil of the coronavirus pandemic have created a new world that’s ripe for hackers and scammers.
    Ransomware and malware attacks are up, and users working from home are more susceptible to phishing attempts and other attempts to gain access to your network. If you’re not focusing on the human element, you’re ignoring a crucial part of your overall security program.

    In this one-hour webinar, a panel of experts and thought leaders will discuss important topics including:

    - Why your users are your most important line of defense, and how you can build and empower your “human firewall”
    - How Covid-19 has reshaped the threat landscape, and how that will be affected by the economic crisis
    - What you can do now to make your organization a hard target for bad actors
    - How security awareness training can enable your employees to make smarter security decisions every day
  • You've Got Humans on Your Network! Recorded: Jul 21 2020 72 mins
    Joanna Huisman (KnowBe4), Dr. Christopher Pierson (BlackCloak), Trip Hillman (Weaver), Tom Bechtold (SecureWorld)
    They are all over your network doing all sorts of things with company data. Most of them are doing exactly what they are supposed to be doing. Nothing new to report there but do you know who they all are? Should they have that level of access? Why is Carol in accounting downloading 1 TB of data? Did John in sales just send the competitors a price list? When is the last time you REALLY did some security awareness training besides that one video you sent 6 months ago?

    Now people are working from home. Who is using this corporate device? Where did this Chromebook come from on the network?

    We have a lot of questions and a lot of work ahead of us as it relates to the human element and Information Security. Some say there are technical controls we need to put in place. Some say it is merely adopting a company culture shift toward security. The truth is probably somewhere in the middle. Bring our panelists your questions and let’s help our end-users!
  • 10 Incredible Ways You Can Be Hacked Through Email & How To Stop The Bad Guys Recorded: Jul 20 2020 73 mins
    Roger Grimes (KnowBe4), Gary Miliefsky (Cyber Defense Media Group)
    Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!

    Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and security expert with over 30 years of experience, as he joins Cyber Defense Media Group's Gary Miliefsky for this webinar where he will explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. Plus, he'll share a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick.

    Roger will teach you:

    - How silent malware launches, remote password hash capture, and how rogue rules work
    - Why rogue documents, establishing fake relationships and getting you to compromise your ethics are so effective
    - Details behind clickjacking and web beacons
    - Actionable steps on how to defend against them all

    If all you were worried about were phishing attempts, think again!
  • Hacking Your Organization: 7 Steps Bad Guys Use to Take Control of Your Network Recorded: Jul 20 2020 61 mins
    Roger Grimes, Data-Driven Defense Evangelist, KnowBe4
    The scary fact is that human error is a contributing factor in more than 90% of breaches. With so many technical controls in place, hackers are still getting through to your end users, making them your last line of defense. How are they so easily manipulated into giving the bad guys what they want? Well, hackers are crafty. And the best way to beat them is to understand the way they work.

    In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will take you through the “Cyber Kill Chain” in detail to show you how a single email slip-up can lead to the total takeover of your network.

    Roger will show you:
    - How detailed data is harvested using public databases and surprising techniques
    - Tricks used to craft a compelling social engineering attack that your users WILL click
    - Cunning ways hackers deliver malicious code to take control of an endpoint
    - Taking over your domain controller and subsequently your entire network

    But not all hope is lost. Roger will also share actionable strategies you can put in place now to greatly reduce your risk. Find out how to protect your organization before it's too late.
  • Hackers Exposed: Kevin Mitnick Shares His Tradecraft and Tools Recorded: Jul 14 2020 64 mins
    Kevin Mitnick, Perry Carpenter
    Months of quarantine, transitioning to work from home, economic uncertainty, social and political turmoil… it’s easy to see why your employees are amped up, tense and distracted. And the bad guys are preying on those vulnerabilities more savagely than ever.

    Join us for this exclusive webinar where Kevin Mitnick, KnowBe4’s Chief Hacking Officer and Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer dive deep into the strategies cybercriminals are using to raise the stakes.

    In this webinar you’ll hear about:

    - Router configurations that put WFH and hybrid home/office endpoints in danger
    - New browser exploits that are making your employees more vulnerable
    - Why you can’t trust your trusted senders (supply chain attacks)
    - The ominous effects of several real-life ransomware attacks
  • Panel Discussion: Staff Awareness and Security Culture Recorded: Jul 14 2020 36 mins
    Joanna Huisman, Dr Louise Bennett, Latif Hussain, Nick Rosser, John Leonard
    Join KnowBe4's Joanna Huisman and an expert panel as they discuss ways of empowering your employees to build a strong security culture and how this can help protect your organization. They discuss:

    - How to increase understanding and involvement from senior decision-makers in cyber-security.
    - How do you implement and maintain consistent policy throughout your staff?
    - One of the biggest issues is ‘someone else will fix it’, how can you encourage accountability, and therefore smarter responses from your team?
    - How can you encourage staff, of all levels, to admit if they’ve made a mistake?

    Panel:
    Dr Louise Bennett, Co-Chair of the Privacy and Consumer Advisory Group, Cabinet Office and DCMS
    Joanna Huisman, Senior Vice President of Strategic Insights and Research, KnowBe4
    Latif Hussain, Lead IT Enterprise Architect, British Film Institute
    Nick Rosser, Head of Information Technology, Saunderson House
    Moderator: John Leonard, Research Director, Incisive Media
  • 10 Incredible Ways You Can Be Hacked Through Email & How To Stop The Bad Guys Recorded: Jul 10 2020 68 mins
    Roger Grimes, Data-Driven Defense Evangelist, KnowBe4
    Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!

    Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and security expert with over 30 years of experience, for this webinar where he will explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. Plus, he'll share a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick.

    Roger will teach you:

    - How silent malware launches, remote password hash capture, and how rogue rules work
    - Why rogue documents, establishing fake relationships and getting you to compromise your ethics are so effective
    - Details behind clickjacking and web beacons
    - Actionable steps on how to defend against them all

    If all you were worried about were phishing attempts, think again!
  • Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim Recorded: Jul 9 2020 50 mins
    Roger Grimes (KnowBe4), Tim Phillips (The Register)
    We’ve been hearing about ransomware for a few years now. You might even know a company that has been a victim and quietly paid up, and you might even know someone who’s told you not to worry. “It’s OK if you have a good backup,” they say.

    Well, think again. In the last few months, ransomware has gone nuclear. There is a reason more than half of today’s ransomware victims end up paying up. A new generation of attackers are crafting plans to cause the most panic, pain, and operational disruption. They will take the time to maximize your organization’s potential damage and also their payoff -- not just encrypting your data, but stealing it and posting it publicly if you don’t play ball.

    Roger Grimes from KnowBe4 joined Tim Phillips from The Reg for a live RegCast in which they sounded off on the ransomware emergency klaxon. They covered:

    - How sophisticated ransom attacks are stealing your data and what they do with it
    - Why your data backups alone can't protect you from nuclear ransomware
    - And, most important, how to protect yourself from the new nuclear threat
  • How to Build a Human Firewall Recorded: Jul 9 2020 51 mins
    Jacqueline Jayne (KnowBe4), Jasmin Krapf (Bupa), Dovid Clarke (MMG Ltd), Anthon Kitzelmann (Australian Digital Health Agency)
    Cyber attacks are becoming bolder and more common. In recent months, we have seen an unprecedented increase in breaches and ransomware attacks on some of the world's most notable organisations.

    On average, approximately 90% of breaches are caused by human error. Organisations must create a 'whole of business' approach to cyber security that must first start with their people.

    This virtual panel will discuss how organisations can create their own human firewall.
  • Find Out How to Use Your Organization's Data to Become a Risk Management Expert Recorded: Jun 25 2020 52 mins
    Roger Grimes
    Risk management is about recognizing the right risks, assigning the right likelihood, and assessing potential damage. Yet, most risk managers are doing it wrong, driven by decades of faulty risk management measurements and tools.

    Learn how you can use your organization's data to create new risk models that map to your real risk and apply a data-driven defense approach to identify the critical threats that your organization actually faces.

    Join Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, a 30-year security veteran and former auditor who has passed the CPA and CISA exams, for this insightful presentation.

    Roger will show you:

    - How most risk managers are taught to calculate risk and why that's incorrect
    - How you can fix your risk calculation
    - How to use your own data to create new risk models that better map to your organization’s real risk
    - How to create a data-driven risk management plan using governance, risk management and compliance tools
  • Levers of Human Deception: The Science and Methodology Behind Social Engineering Recorded: Jun 19 2020 57 mins
    Erich Kron (KnowBe4), David Littman (TruthInIT)
    No matter how much security technology we purchase, we still face a fundamental security problem: people. This webinar will explore the different levers that social engineers and scam artists pull to make us more likely to do their bidding.

    Join Erich Kron, Security Awareness Advocate for KnowBe4, as he provides fun and engaging examples of mental manipulation in everyday life: from the tactics used by oily car dealers, to sophisticated social engineering and online scams. Additionally, we’ll look at how to ethically use the very same levers when educating our users.

    Key Takeaways:
    - The Perception Vs. Reality Dilemma
    - Understanding the OODA (Observe, Orient, Decide, Act) Loop
    - How social engineers and scam artists achieve their goals by subverting the OODA Loop's different components
    - How we can defend ourselves and our organizations
  • Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate Links Recorded: Jun 12 2020 61 mins
    Roger Grimes
    Don't click phishy links. Everyone knows that. But are your end users prepared to quickly identify today's tricky tactics being used by the bad guys? Probably not. Cybercriminals have moved beyond simple bait and switch domains. They're now employing a variety of advanced social engineering techniques to entice your users into clicking and putting your network at risk. You need to stay a step ahead of the bad guys.

    Join us for this webinar when Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, shows you how to become a rogue URL expert.

    He’ll dive deep into the latest techniques and defenses to share:

    - Real-life examples of advanced attacks using rogue digital certificates, homograph attacks, and more
    - Safe forensic methods for examining URLs and other tactics for investigating phishy emails
    - Strategies for dissecting URLs on mobile without clicking
    - Simple ways you can train your users to scrutinize URLs and keep your network safe
  • Lower Your Business Risk with Best Practice Data Privacy Impact Assessments Recorded: Jun 1 2020 45 mins
    Lecio DePaula Jr.
    Whether you're creating a new product, going through a merger or acquisition, or significantly changing a process in your organization, new processing activities can present high risk to your organization. As we can see from Marriott’s acquisition of Starwood, not undergoing a full security and privacy assessment can present huge problems for your organization, and now Marriott faces a $123.6 million fine due to lack of due diligence.

    One way to reduce risks and identify security/privacy risk is to conduct a data protection impact assessment. Not only will this assessment help you reduce business risk, but it also helps identify new processes in your organization to maintain compliance with GDPR, LGPD, CCPA and other global privacy laws.

    Join Lecio DePaula Jr., KnowBe4’s Data Privacy Director, for this webinar to hear about creating a robust data protection impact assessment to analyze new processes, workflows, and products to identify problems before they happen.

    In this webinar you’ll learn:

    - Best practices for conducting a robust DPIA
    - The privacy and security risks of M&A, creating new software products, and other initiatives
    - How conducting a DPIA aligns with global privacy requirements
    - Common DPIA mistakes and how to avoid them
    - Tools that help manage and streamline your DPIA process
  • Your Ransomware Task Force: Extortion, Crisis Management and Recovery Recorded: May 26 2020 59 mins
    Roger Grimes (KnowBe4), Bill Hardin (Charles River Associates)
    When you realize your organization has been hit with a ransomware attack there are a few things that need to happen. One… take a deep breath. Two… contain the damage. And three… initiate your recovery plan IMMEDIATELY.

    Watch this on-demand webinar, Ransomware Expert Guide: Extortion, Crisis Management, and Recovery, in which Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, interviews Bill Hardin of Charles River Associates. Roger and Bill take a deep dive into ransomware forensics and recovery to help you prepare for a rapid response before a ransomware attack affects your organization.

    In this session you’ll learn:

    - Of the thousands of cyber events Bill has investigated, what is different in 2020
    - Tactics and techniques your security team can use to hunt within your environment
    - Bill’s top 3 takeaways regarding ransomware recovery
    - How to enable your users to spot suspicious attacks before they affect you
Security Awareness Training
KnowBe4 is the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Realizing that the human element of security was being seriously neglected, KnowBe4 was created to help organizations manage the problem of social engineering, spear phishing, and ransomware attacks, through a comprehensive new-school awareness training approach. KnowBe4 trains employees to make smarter security decisions.

  • Title: Security Awareness: Securing the Human Layer
  • Live at: Jul 30 2020 9:25 pm
  • Presented by: Roger Grimes, Scott Lowe