The Annual SANS Security Awareness Summit is the premier event for Security Awareness professionals in the industry. This two-day Summit includes expert awareness-focused talks, interactive discussions, networking opportunities, and more. See a selection of presentations from our 2021 SANS Security Awareness Summit.
Leverage the Power of Enabling Change
Rob Oddi, Change Management, Culture & Leadership Expert
Leaders realize that to successfully prepare their organizations to stand tall against cyber attacks, they have to focus on the people-side of cyber security - (which is where most cyber attackers target today). This means moving beyond a basic security posture of basic compliance to one where your people move from being passive recipients of information (and an unpredictable variable when it comes to risk) to being active cyber champions and assets who serve as a strong shield. Organizations don’t change - it’s the people inside who do, and the organizations who focus on people, culture, and leadership are those that will rise to the top and be best positioned for success when it comes to becoming a cyber transformed organization with a powerful security posture. This interactive and engaging session guaranteed to provide insight and 'aha' moments will leave you with innovative practical approaches that can immediately be applied in how you deal with your security awareness efforts.
The Power of the Collective
Whether you've been in security for awhile or are new to the field, chances are you've come across the National Cybersecurity Alliance. We are the founder of Cybersecurity Awareness Month, the champion of Data Privacy Day, and have the world's coolest url, staysafeonline.org. Our mission is to empower a more secure, interconnected world. Lisa Plaggemier will share what's new with the National Cybersecurity Alliance, including all the FREE resources available to help you run an engaging and effective program. We'll also look at ways YOU, your organization and even your family can get involved.
Ransomware, Security Awareness, and YOU!
Ryan Chapman, Principal Incident Response Consultant, BlackBerry and SANS Associate Instructor
Let's talk about ransomware; one of the largest threats to organizations around the world. The security awareness team can be a critical piece to the puzzle when it comes to developing, implementing, and carrying out a solid ransomware prevention plan. In this talk we'll discuss what ransomware is, how it works, and how it can be prevented via fostering vigilance within the organization. We'll also discuss how the security awareness team can take part in the response effort should a ransomware incident occur, and more.
What Your Awareness Program Can't Fix - And How You Fix That
John Scott, Head of Security Education, Cyber Security Division, Bank of England and SANS Associate Instructor
When errors happen, awareness programs are often tasked with cleaning up afterwards - "give them more training!" - even when we know that it won't have any impact. But how do you push back, and do something more effective?
In this presentation, John Scott will walk you through the field of human error, drawing on research from the safety field into slips, lapses and mistakes to explain what your program can fix when it comes to the incidents people cause, what it can't, and what you can do instead.
Don't Reward The Brilliant Jerk: Fix Toxic Security Culture
Welcome to security's dirty secret: Toxicity! Firms depend on the security team to keep employees and customers safe from malicious attackers. But what if a toxic team culture causes your team to lose steam on the critical projects they're working on because the biggest enemy is the team itself? This session will outline Forrester's 10 causes of toxic security culture and how to deal with them.