Lunch & Keynote Presentation: Why the Security Industry Is Failing the Public and Their Clients
| Friday, October 14, 2022 |
| 12:00 PM - 1:30 PM |
| Student Union Ballrooom |
Speaker
Robert Siciliano
KEYNOTE Speaker
Lunch & Keynote Presentation: Why the Security Industry Is Failing the Public and Their Clients
Abstract
2019 was the worst year on record for the number of stolen records breached with an increase of 284 percent compared to 2018. Then, in 2020 some studies showed 27 billion records exposed. The latest data now shows as many as 40 billion records exposed in 2021. Why? Misconfigured systems, insider threats and some say it's because criminal hackers are more "sophisticated". They aren't. They're just more organized than ever while the security community and the public continue to flail.
A perfect example is the 2021 the Colonial Pipeline attack that resulted from a single compromised password. This sad and scary example shows that we haven't moved the needle in security awareness training one bit.
Too often, IT managers, CTO's, CIO's, and CISO's look at "compliance" as spending $200 per year or less per employee on phishing simulation training that in return provides a certificate of compliance exhibiting due diligence. This strategy is hollow, it doesn't fundamentally change behavior and doesn't lead to an upgraded employee security mindset.
Humans, are an "interdependent species" and require trust in one another therefore security goes against our core beliefs. Employers, who are trusting humans, don't want to spend money on prevention unless they have to because of insurance purposes or if they are breached. Employees don't care about or appreciate security unless it benefits them. Even many top-level professionals, from Coders to CEOs and Security Sales Professionals don’t treat security with the respect it deserves.
In this lively and highly interactive program, Robert will engage the audience in some uncomfortable conversations dispelling societal myths revolving around security. These conversations tap into cultural misnomers and are designed to change skewed beliefs. We will ask tough questions and provide a very different perspective to change behavior resulting in better performance at all levels.
Robert will discuss:
Why security needs to benefit and employees' personal life first
How the simple seatbelt sums up security awareness roadblocks
What's the difference between head-based vs heart-based security training
How security has nothing to do with paranoia
Why PT Barnum was wrong about a sucker born every minute
How to rob a bank using social media
Revisiting the fundamentals of “personal security” and how all security is personal
Why does a person’s home security posture determines their information’s security
What it means to function in a “state of security denial”
How a confidence crime is a perfect crime
Evidence that even top security professionals don't understand security
A perfect example is the 2021 the Colonial Pipeline attack that resulted from a single compromised password. This sad and scary example shows that we haven't moved the needle in security awareness training one bit.
Too often, IT managers, CTO's, CIO's, and CISO's look at "compliance" as spending $200 per year or less per employee on phishing simulation training that in return provides a certificate of compliance exhibiting due diligence. This strategy is hollow, it doesn't fundamentally change behavior and doesn't lead to an upgraded employee security mindset.
Humans, are an "interdependent species" and require trust in one another therefore security goes against our core beliefs. Employers, who are trusting humans, don't want to spend money on prevention unless they have to because of insurance purposes or if they are breached. Employees don't care about or appreciate security unless it benefits them. Even many top-level professionals, from Coders to CEOs and Security Sales Professionals don’t treat security with the respect it deserves.
In this lively and highly interactive program, Robert will engage the audience in some uncomfortable conversations dispelling societal myths revolving around security. These conversations tap into cultural misnomers and are designed to change skewed beliefs. We will ask tough questions and provide a very different perspective to change behavior resulting in better performance at all levels.
Robert will discuss:
Why security needs to benefit and employees' personal life first
How the simple seatbelt sums up security awareness roadblocks
What's the difference between head-based vs heart-based security training
How security has nothing to do with paranoia
Why PT Barnum was wrong about a sucker born every minute
How to rob a bank using social media
Revisiting the fundamentals of “personal security” and how all security is personal
Why does a person’s home security posture determines their information’s security
What it means to function in a “state of security denial”
How a confidence crime is a perfect crime
Evidence that even top security professionals don't understand security
Biography
Robert is a security expert and private investigator with 30+ years experience, #1 Best Selling Amazon.com author of 5 books, and the architect of the CSI Protection certification; a Cyber Social Identity and Personal Protection security awareness training program. He is a frequent speaker and media commentator, and CEO of Safr.Me and Head Trainer at ProtectNowLLC.com.
Robert has been featured on CNN, Fox News, CNBC, MSNBC, ABC World News Tonight, NBC Nightline, CBS Early Show, Today Show, Good Morning America and in the NY Times, Wall Street Journal, Time Magazine, Fortune, Forbes, Entrepreneur and many more.
His personal mission is to inform, educate and empower people so they can protect themselves and their loved ones from violence and crime in their everyday lives, both in their physical and virtual interactions.
