I just finished presenting Securing The Human at SANS Baltimore.  This presentation defines the challenges in securing the human (primarily why we are so bad at judging risk) and the key steps to a successfull program to address these challenges (humans have vulnerabilities just like technology).  As always, SANS has a great crowd.  What I love best are not only the challenging questions, but the lessons learned others have to share.  As promised, you can download the presentation here.   Missed the presentation?  I'll be presenting again next week in Albany, NY for the 13th Annual New York State Cyber Security Conference.

NOTE: I've updated the presentation since SANS, the link above is the latest version of the presentation, not the version I presented at the conference.