It is the biggest cop-out in information security: when a major security incident hits the news, security practitioners are quick to place the blame on users and shout from the rooftops that it is the humans who are the weakest link in security. Focused on building and maintaining highly sophisticated technical systems, however, many security teams make the mistake of approaching human problems with highly technical solutions. By ignoring much of the research, data, and information we have about how people interact with machines, technologists miss the opportunity to design for (or around) expected human behaviors. As a result, many technologies ignore the needs, knowledge, and experience of the average person and set them up for failure through counterintuitive design and externalized risk when they do face security-critical tasks.
Jessy Irwin debunks the myth that users are the root of all failure and explores how security teams can transform their thinking to even the playing field for nonexpert, nontechnical humans and introduces actionable strategies to transform people into an extra line of defense when we need them the most.
Jessy Irwin is a security expert who excels in translating complex cybersecurity issues into simple, relatable terms for nontechnical audiences. Her current areas of interest include making security more accessible for the average person, advocating for strong privacy protections in education for students, building better models for digital security training, and building proactive security communications strategies for consumers, policymakers, small businesses, and Fortune500 companies. In her work as an consultant, security executive, and former security empress at 1Password, she has taught consumers how to better protect themselves, their data, and their identities online. Jessy regularly writes and presents internationally on human-centric security, student privacy, and security communication at events including O’Reilly Security, RSA Conference, TechSummit Amsterdam, Infosec Southwest, and ShmooCon. Her work has appeared in CSO Online, VICE Broadly, Mashable, BuzzFeed, TechCrunch, and CNN.
©2017, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org