How engaging your business stakeholders can improve cybersecurity

Presented by

Alexandra Panaretos, CSAP, SSAP, Cybersecurity Leader for Secure Culture Activation at EY Americas

About this talk

Both human behavior and business priorities are often left unconsidered when cybersecurity teams plan policies, procedures, or security awareness strategies and education. Employees are experiencing learning fatigue, having to complete mandatory trainings without regard to their role or risk-based profile – and worse, without significant results on the organization’s overall risk profile. Business leaders may view cybersecurity as a roadblock rather than as an innovation enabler. To measurably improve information security behavior and your human-based risk, stop training and start engaging your stakeholders and employees. Learn how to leverage awareness resources to improve all areas of your security function, including policy, procedure and technology implementations. Most importantly, consider a Security by Design approach to cybersecurity, to build in risk thinking from the onset, enabling global innovation with confidence and engaging with employees to build a relevant security mindset into everything they do. In this webcast, we will discuss: Messaging appropriately tailored for business stakeholders to understand why and how cybersecurity should be incorporated into every aspect of the company Engaging your awareness resources to be the public relations and marketing department for your CISO and CIO The difference between awareness, education and training Socialization of policies, procedures and new technology Elements of a successful awareness program and security culture

Related topics:

More from this channel

Upcoming talks (11)
On-demand talks (3449)
Subscribers (176863)
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.