Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY

Embracing security as a culture: Users aren't the problem; they're remotely deployed sensors.

4:45pm–5:25pm Wednesday, November 1, 2017
Bridging business and security
Location: Sutton North

Who is this presentation for?

  • IT managers and directors, CIOs, and CISOs

Prerequisite knowledge

  • A basic understanding of risk management and security awareness programs

What you'll learn

  • Learn how to work with management to secure support, how to use employee feedback as part of the detection and remediation cycle, and tips and tricks from other successful programs on how to accomplish many of these goals


Criminals are increasingly moving to social engineering-focused attacks, but organizations are reacting the same way they always have: rolling out some CBT-based training and checking the box under “Employee security awareness training.” While not entirely a waste of time, this approach is not solving the problem.

Users aren’t just part of the problem; they’re part of the solution. Creating a security culture takes more than security awareness training. It takes commitment from all parts of an organization. The issue is no longer how to reduce the number of people inviting in threats to our network; it’s how to leverage our staff to be a key component of our security strategy. Chester Wisniewski explains why we need users to take an active part in helping manage security risk in order to improve security and better defend against and respond to phishing attacks.

Exploring the issue from both a psychological and technical perspective, Chester shares advice and practical examples from successful security programs, including tips for securing top-level support from management, approaches for effectively measuring success, how to use the criminals’ playbook to your advantage, and how to use human resources to assist with detection and remediation.

Do you have 500 employees who might accidentally introduce risk or 500 remotely deployed sensors augmenting your traditional monitoring tools? The decision is up to you.

Chester Wisniewski


Chester Wisniewski is a principal research scientist in the office of the CTO at Sophos. Chester has been involved in the information security space since the late 1980s. He divides his time between research, public speaking, writing, and attempting to communicate the complexities of security to the press and public in a way they can understand. Chester has spoken at RSA, InfoSec Europe, LISA, USENIX, Virus Bulletin, and many Security BSides events around the world. He also regularly consults with NPR, CNN, CBC, the New York Times, and a number of other media outlets.