Cheryl Conley

Cheryl Conley is a phishing and security awareness SME, with the CISSP (Certified Information Systems Security Professional) and SSAP (SANS Security Awareness Professional (SSAP) certifications, along with a Master’s degree specializing in Information Security.

More About Cheryl


During her extensive career at Lockheed Martin, she led a team responsible for deploying an enterprise wide cyber security awareness program, coined The I Campaign®, targeting end users based on real life attack vectors. This included baselining and monitoring employee phishing behaviors, specifically the corporate phishing program, impacting the cyber security posture of Lockheed Martin. Over a decade, the team saw an overall improvement of 35-51% in Undesired Action Rate, and over a tenfold increase in formal, imperative reporting of suspected malicious intent. This included an internal counseling program designed to effectively handle employees requiring additional training opportunities dealing with safe cyber behavior and practices. This concept had been communicated and utilized across various large, diverse corporations.

She has been a long term active participant in the SSA (SANS Security Awareness) community, presenting at several SSA Summits along with participating as an Advisory Board member. Supporting the SSA passion to provide security awareness for the non-technical audience, she has been an Editorial Board member for the OUCH! Monthly newsletter. Currently a member of the SSA team, her focus is on phishing strategy utilizing over 10 years of end user and employee responses to phishing simulations and overall security awareness tactics.

Cheryl's Contributions