Nearly two dozen experts on the front lines of cybersecurity provided their insight and advice at Living Security’s third annual Human Risk Management Conference (HRMCon) on June 20. The event’s 16 sessions and three keynote talks — more than 10 hours of programming — are available online in HRMCon 2024 OnDemand.
Living Security, a leading provider of human risk management and cybersecurity awareness training solutions, sponsored the nation’s largest gathering of HRM experts and practitioners. HRMCon’s featured cybersecurity experts include Brian Krebs, groundbreaking cybercrime investigative journalist; Jessica Burn, principal analyst at research advisory Forrester; and David Kennedy, cybersecurity veteran founder and CEO of Trusted Sec.
HRMCon 2024 OnDemand provides another opportunity for cybersecurity professionals to hear from these and many other experts and learn their strategies for managing human risk effectively.
In her keynote conversation with Krebs, Living Security founder and CEO Ashley Rose noted that while organizations spend $200 billion each year on cybersecurity, only 2% focuses on human-centered risk — leading to 68% of security breaches.
“We need an approach that identifies attack patterns across the workforce and then proactively protects assets,” Rose said. “That’s Human Risk Management — the intersection of people, process, and technology.”
Krebs agreed that mitigating the risk of employees creating unintentional breaches is essential. “Humans are the key,” he said. “They're the fastest way to undo all of the security in your organization. That's why so much cybercrime is so heavily reliant on humans. And that will fundamentally never change.”
Rose and Krebs addressed topics including “breach fatigue,” how introducing AI into cybersecurity may cause more problems than it solves, and what effective cybersecurity training looks like.
“A lot of what organizations try to pursue in the name of security awareness training ends up being more like ‘gotcha’ training and that creates an adversarial relationship between normal users in the network and the security people,” said Krebs, who has studied cybersecurity at hundreds of companies.
Living Security's Unify platform averts those conflicts with a system that assesses employees’ work practices and automatically launches workflows and training for specific individuals or groups who need assistance. Living Security’s proactive approach can greatly reduce the time required to mitigate human-related risk.
In the second keynote, Forrester’s Jessica Burn assessed the weaknesses of the so-called “silver bullet” of security awareness and training (SA&T) and the challenges, opportunities, and practicalities of moving from SA&T to human risk management.
In his keynote, Trusted Sec CEO David Kennedy, a former CISO with two decades of experience in the field, reviewed cybercriminals’ rapid move into using AI, voice cloning and new advances in ransomware and how organizations can prepare and defend against those attacks.
HRMCon 2024 On Demand offers the live event’s 16 sessions across four tracks: Human Risk Quantification; Risk-Based Policy Training and Intervention; Workforce Education and Enablement; and Positive Security Culture.
The 22 speakers include John Brickey, senior vice president of cybersecurity at Mastercard; Shawnee Delaney, founder and CEO at Vaillance Group; Michele Kim, director of technology risk at Fitch Ratings; David Tunley, cybersecurity engagement lead at Rivian; and Drew Rose, founder and CSO at Living Security.
To view any of the keynotes or sessions, visit HRMCon 2024 OnDemand. To learn more about Living Security’s leading solution for human risk management, visit https://www.livingsecurity.com.