Talks

Never Have I Ever

Petra Smith (Aura Information Security)

Red teamers and blue teamers drink for different reasons, but we share a common goal: to protect people from security threats. But we aren’t doing a great job – security breaches increase in number every year, and most of them still start with someone falling for a phishing scam. Why? Because the way we teach people to spot a scam is so totally, utterly, job-security-guaranteeingly broken it sets them up to fail.

Comrades, it’s time to put aside our differences and unite to destroy our common enemy: corporate security awareness programmes that teach people that a legitimate company would never do things that legitimate companies do every day. Let’s talk about how they do more harm than good, and what we can do to make security awareness suck less for everyone.

About Petra Petra is a professional opinion-haver and security culture specialist who is on a mission to make security accessible to everyone. She has a point and she’s getting to it.