Blogs Insights from HRMCon 2024...
July 26, 2024
Living Security’s third annual Human Risk Management Conference took place on June 20th bringing together over two dozen experts in various disciplines of cybersecurity to provide insight on strategy to combat the most common risk vectors that are challenging organizations today.
Guests included Brian Krebs, cybercrime investigative journalist; Jessica Burn, principal analyst at research advisory Forrester; and David Kennedy, cybersecurity veteran and founder and CEO of Trusted Sec.
Living Security Founder and CEO Ashley Rose highlighted a crucial point: While organizations spend $200 billion each year on cybersecurity, only 2% is focused on human-centered risk, a significant factor in 68% of security breaches.
What is meant by human-centered risk, exactly? Risks that are directly related to how individuals interact with technology and information systems. Here are the key aspects of human-centered risk in cybersecurity:
Related Reading: Living Security’s Social Engineering Guide.
Related Reading: Insider Threat Awareness Tools & Resources
Krebs agreed that mitigating the risk of employees creating unintentional breaches is essential. “Humans are the key,” he said. “They're the fastest way to undo all of the security in your organization. That's why so much cybercrime is so heavily reliant on humans. And that will fundamentally never change.”
Krebs added, “A lot of what organizations try to pursue in the name of security awareness training ends up being more like ‘gotcha’ training, and that creates an adversarial relationship between normal users in the network and the security people.”
Related Reading: The Types of Data Breaches Workplaces Face
Artificial Intelligence is transforming the cybersecurity landscape, playing a dual role that both fortifies and challenges our digital defenses. Bad actors are now using AI to craft sophisticated phishing scams, automate the search for exploitable system weaknesses, and even develop malware that can evolve to evade detection.
In his keynote, trusted Sec CEO David Kennedy, a former CISO with two decades of experience in the field, discussed cybercriminals’ rapid move into using AI, voice cloning, and new advances in ransomware and how organizations can prepare and defend against those attacks.
Although AI may potentially aid cybersecurity in automating threat detection, predicting vulnerabilities, and streamlining incident response with remarkable precision, Rose and Krebs addressed “breach fatigue,” how introducing AI into cybersecurity may cause more problems than it solves, and what effective cybersecurity training looks like.
This digital arms race and constant tug-of-war underscores the need for continuous innovation in security measures, ensuring that defenders stay one step ahead in the cat-and-mouse game of modern cybersecurity.
Human Risk Management Conference 2024 On Demand offers the live event’s 16 sessions across four tracks:
The 22 speakers include John Brickey, senior vice president of cybersecurity at Mastercard; Shawnee Delaney, founder and CEO at Vaillance Group; Michele Kim, director of technology risk at Fitch Ratings; David Tunley, cybersecurity engagement lead at Rivian; and Drew Rose, founder and CSO at Living Security.
To view any of the keynotes or sessions, visit HRMCon 2024 OnDemand. To learn more about Living Security’s leading solution for human risk management, visit https://www.livingsecurity.com/platform.