Recent studies show that 82% of cyber incidents result from unintended human behavior. Further, the errant behavior of only 5% of all users creates most of this risk. This is pretty alarming, and yet no one is talking about it. Modifying the behavior of these few individuals can have a force multiplier effect on reducing overall enterprise cyber risks. Welcome to Friendly Fire: Mitigating Unintentional User Risk. Where we explore Human Risk, to raise awareness across the industry, and stimulate discussion on how we can create a security culture that better protects all of us, emphasizes personal responsibility, and focuses on enterprise-wide behavior change. Research now clearly proves that 85% of cyber incidents are caused by errant human behavior. Organizations need better tools and approaches to manage and mitigate the risk of their own users unintentionally aiding attackers. Tune in to enlightening discussions with CISOs, cybersecurity experts, and technologists. They share what they are doing to address these unintentional user risks. Answer the most important questions surrounding this problem: how can we fix this? How can we use data to change people’s behavior? Do we truly understand the overall impact? How can it worsen your operations? It's time you got answers. This show provides you with hope by examining solutions that many professionals have already tried and tested. Hear about the times they failed, so you can learn the lessons they discovered during their most challenging moments. One episode at a time, raise the dialogue about this matter by exploring unique perspectives of various professionals across different industries. Regardless of where you are in your cybersecurity journey, you have a role in mitigating these unintended risks. Solving this problem does not only fall to the hands of CISOs of large enterprises. Researchers, digital security personnel, and everyone with a knack for technology must come together and develop possible solutions. These risks can be hard to minimize or eliminate all by yourself. But when doing it as a community, the task becomes more manageable. This podcast is everyone’s first step towards a strong collective effort to make a true change in the digital landscape. Can you identify the small number of users creating risk for the entire organization? Can you provide them with tools and information to improve their security performance? Can you reach them contextually, when they are most likely to respond to behavior modification? Can you control repeat offenders and intransigents without stymying the entire organization? What about contractors and other affiliated organizations? Elevate Security is here to shine a light on the unseen problem. If you can correct these unintentional risks, the digital landscape can become safer and more secure for industry leaders, developers, and end-users alike. Let’s finally solve this persistent cybersecurity problem once and for all. Listen to Friendly Fire: Mitigating Unintentional User Risk at https://elevatesecurity.com/friendlyfire.
Security awareness training is not enough to protect ourselves from cyber risks. But how can we control these risks? Today, Kristina Belnap, the SVP and CISO of HealthEquity, brings the role of human resources in bringing human risk management into the organization. Educating everyone on AI and bringing awareness into the space are keys to protecting information and securing our environments. Kristina provides some great insights o...
Cybersecurity is a high-stakes card game, and sometimes, it's not about winning every hand but mastering the game as a whole. In this episode, we welcome Allison Miller of Cartomancy Labs for an illuminating discussion on "The Theoretical Floor" and why resilience is the secret sauce to defending against modern cyber threats. She expounds on the world of human risk, shedding light on how we can redefine our understanding of cyberse...
For an API security platform to succeed in today’s fast-paced society, it must be widely familiar with the current trends of the digital world and keep its most skilled people for a long time. Tyler Shields sits down with Karl Mattson, CISO at Noname, to discuss these two vital factors. Karl explains how they approach cybersecurity as an up-to-date organization, the best way to keep up with APIs growing rapidly, and how not to acqu...
Product security has greatly changed over time. How does human contribute to the changes going on? In this episode, Joern Freydank, a Lead Cyber (Application) Security Engineer, dissects the human issues in product security. He emphasizes the value of humans in providing a higher level of order intelligence operating the systems. Joern also shares the key component of the anti-patterns and discusses how threat modeling works in the...
We should embrace the human side of cybersecurity, where knowledge and vigilance become our most potent weapons in the age of digital health. In this episode, Esmond Kane, a CISO at a leading healthcare organization, sheds light on the critical role of human risk management in safeguarding our digital lives. He emphasizes that no matter the technological advancement, the human touch will always be among our most potent weapons agai...
As technology advances, so does the threat posed in cyberspace. In this episode, Mark Weatherford, the SVP and Chief Security Officer at AlertEnterprise, navigates us through cyberspace and how AI and Government Policy impa...
People make mistakes, and these unintentional mistakes drastically impact an organization. You shouldn't dance with risks and wait for cyber attacks to steal your stage. It's time to take action with Andre Russotti of Altria Client Services as he explains how Zero Trust does not solve the user-behavior problem that causes insider risks. Would you relax security controls? You better hop on to this conversation because Andre fires up...
In this episode, we unravel the complexities of Identity and Access Management (IAM) and explore the cutting-edge concept of Zero Trust. Join host Tyler Shields as he sits with Christine Owen, a recovering attorney who found solace in IAM and Zero Trust principles. Christine sheds light on the modern challenges of protecting digital assets in an ever-evolving threat landscape. Christine introduces us to the game-changing conce...
Balancing risk and privacy is a delicate dance, but with the right solutions and strategies, organizations can effectively manage potential threats to their security while protecting their users' data. For today’s episode, Matthew Stephenson interviews renowned privacy and technology attorney Greg Silberman to discuss the fascinating and complex world of risk and privacy. With years of experience working in cybersecurity and develo...
If there is one sector that is keeping people cool, warm, and secure, that would be the utility sector. They are the ones who have been ensuring that our basic needs are well-provided and, in that process, well-functioning for decades. However, with the cyber element growing and taking root in the sector, threats to how utilities are delivered have become a concern. In this episode, Matthew Stephenson is...
There are a lot of factors that cause problems within the cybersecurity space, but the human element ranks as the top reason. With the huge communication chasm among IT experts, C-suite leaders, and hiring managers, there is still work to be done in bridging these gaps. Matthew Stephenson discusses how to solve this disconnect with the Founder and CEO of Cyber Risk Opportunities, Kip Boyle. They explain ...
"Privacy isn't dead, but people need to be made more aware of the invasiveness of the internet of things, digital devices, and tracking." – Theresa Payton.
Every company has a duty of care to ensure they are tracking their employees on a certain level to ensure people are who they say they are, working when they say they're working, and taking care of the intellectual property and customer data. In this episode, Theresa Payton...
This digital information age puts businesses vulnerable not only to external attacks but internal as well. Even more threatening when these happen to those in a highly-regulated industry with a significant amount of information needed securing. Suffice to say, friendly fires happen and must be dealt with as much as other threats. In this episode, Tim Callahan, the Senio...
Insight Global is a massive company that connects talent with the companies that need that talent. As such, it plays a critical role in the cybersecurity industry. In this episode, Jonathan Waldrop, the Senior Director at Insight Global, talks about how the company uses the human element when it comes to security. Jonathan discusses that changing the mindset of security practitioners educates customers and end users on the use of t...
Awareness, culture, and behavior. How are these things related to technology and security? In this episode, Kai Roer, the author of Build a Security Culture, provides some insights into the importance and impact of security culture. Kai highlights that there are social and cultural triggers that drive human behavior. Matthew Stephenson and Kai Roer also touch on Artificial Intelligence and Machine Learning. Tune in and find out mor...
Data security awareness is indeed valuable, but how is it actually framed? Most people in the security space rely solely on the human firewall, and that is where the problem occurs. In this episode, Ira Winkler, author of Security Awareness for Dummies, explains why organizations should stop depending on user awareness alone in protecting their data. He explains how strong passwords may still prove unhelpful when cyberattackers are...
Most organizations don’t want to have adversarial conversations about cybercrime. They either don’t care enough or they don’t really understand it. But this lack of visibility within your network can result in a huge risk to your organization. Not knowing if you are dealing with an insider threat is scary. You can't prepare for it or set up countermeasures. If you can't see it, you can't protect it.
Join Matthew Stephenson as h...
When a cybersecurity breach happens, expect things to go crazy. You will have to deal with legal teams and an all-out investigation with the authorities. You will have to find out who did it as soon as possible. Is it an attack from the outside or due to neglect from someone from the inside? How are your customers doing? How can you circumvent future attacks? There are a lot of things that you can learn from a cyberattack, and the ...
A lot of cybersecurity assessments are done with a checklist of how many high-risk, medium-risk, and low-risk vulnerabilities there are. It's very non-human, which is something a lot of people will get turned off by. If you truly want executive leaders to start paying attention to cybersecurity, you need to present it in a more humane so that it’s more relatable.
Securing Humanity is a collective responsibility. In this episode, Matthew Stephenson interviews Elsine Van Os, the founder and CEO of Signpost Six, Insider Risk Management consultancy firm with behavioral science at its heart. Elsine discusses cybersecurity and risk management within the organization, and shares the psychological aspect of it all. Elsine also drops gold nuggets and information bombs on psychology, security, techno...
Good Game is your one-stop shop for the biggest stories in women’s sports. Every day, host Sarah Spain gives you the stories, stakes, stars and stats to keep up with your favorite women’s teams, leagues and athletes. Through thoughtful insight, witty banter, and an all around good time, Sarah and friends break down the latest news, talk about the games you can’t miss, and debate the issues of the day. Don’t miss interviews with the people of the moment, whether they be athletes, coaches, reporters, or celebrity fans.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.
If you can never get enough true crime... Congratulations, you’ve found your people.
The official podcast of comedian Joe Rogan.
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.