Behavior change in action - use cases from a global organization
Вставка
- Опубліковано 10 жов 2023
- Enough talk about the theory of security behaviour change... this talk explores what it can look like in action!
James van den Bergh from DLA Piper and Tim Ward from ThinkCyber explore three specific use cases where behaviour change interventions can be used to reduce organisational risk in a global organisation.
This joint talk features James van den Bergh Head of Security Awareness at DLA Piper and Tim Ward CEO, ThinkCyber. James and Tim will explore three quite specific case studies in the lifecycle of an employee where risk profiles and the way to tackle those differ. They will do this through the lens of behavioural science and with a focus on offering actionable takeaways that can be applied in organisations large and small.
Firstly induction, how can we harness the “fresh start effect” where people join wanting to be their best selves. How do we understand employee risk profiles at this point and then target specific behaviours to embed good habits.
Secondly, James will explore the idea of offering “stabilisers” to staff encountering greater risk in their role, or who are showing riskier behaviours than the norm. How can we understand, support, and guide these individuals to reduce our organisational risk profile?
Finally, James will touch on leavers, who have the potential to represent data loss risks for an organisation, whether unthinking or malicious. How can we gently reinforce expected behaviours at this point in an employee’s lifecycle?
Throughout this exploration, Tim will talk about the behavioural science behind the effective delivery of these interventions. From nudge theory (BJ Fogg, EAST) to playing to cognitive biases such as availability, and priming social proof. James will highlight real-world context and examples of theories in action.
Attendees will take away an understanding of:
-How awareness can be targeted to different stages in an employee lifecycle with an organisation
-The importance of understanding your awareness audience to effectively target and embed secure behaviours
-Why and How content can be tailored to different employee needs be they culture, risk profile, or other demographics
-How to apply behaviour change models and an understanding of cognitive biases to various security awareness challenges including phishing, data handling, and general cyber hygiene.
SANS Security Awareness: Managing Human Risk Summit 2023
Behavior change in action - use cases from a global organization
Speakers:
Tim Ward, CEO & Co-founder, Think Cyber Security Ltd
James van den Bergh, Security AwarenessLead Specialist, DLA Piper
View upcoming Summits: www.sans.org/u/DuS
