Explore HRMCon
On-Demand
Dive into the insights and discussions from HRMCon. Watch the recorded sessions at your convenience.
Each year, HRMCon brings together cybersecurity thought leaders and practitioners to present a half-day virtual conference geared toward continuously evolving the power of behavior change in mitigating risks.
From Awareness to Ownership: Turning Security Culture into a Measurable Business Outcome
November 13, 1:00 PM CT
Security is often called “everyone’s responsibility,” but it rarely factors into how performance is measured or managed.
In this session, experts from Living Security will explore how human risk scorecards—for both individuals and managers—bring security into everyday performance conversations.
You’ll learn how to:
- Bridge the gap between culture and accountability
- Transform security from a side project into a measurable business outcome
- Advance your HRM program's maturity with progress in the Culture and Workforce Engagement category
A Sneak Peek into Living Security's Scorecards:
Breakout Tracks |
|||
Human RiskQuantification |
Risk-BasedPolicy & Training Interventions |
Workforce Educationand Enablement |
PositiveSecurity Culture |
Quantifying Behaviors to Mitigate Human Risk in HRMChris Poirel, Living Security |
Targeting Awareness of Cyber Threats with Risk-Based Policies & Training InterventionsDavid Tunley, Rivian |
Hook, Line, and SinkerAaron Strong, Syniverse |
Building a Robust Security CultureTerry Smith, Blackbaud |
 |
 |
 |
 |
Human Risk Management 2.0Jon Brickey, Mastercard |
Empowring Your Human Firewall: Orchestration for Cyber Resilience and TrainingSandy Evans, Living Security |
How to Deepen Your Career in Security AwarenessCassie Clark, Consultant |
HRM's Role Cultivating a Positive Security Culture for your OrganizationShawnee Delaney, Vaillance Group |
 |
 |
 |
 |
The State of Human Risk QuantificationMaria Long, Violet Sullivan & Julian Sylvestro |
MindSecure: Elevating Cyber Resilience through Cyberpsychology and Organization SynergyAllen Ohanian, LA County |
Own Your Security Journey: Empower All Levels to Track Human Risk & Drive Continuous ImprovementErik Book, Living Security |
Borrowing Brilliance: What Security Awareness and Training Should Steal from MarketingMike Taylor, Nationwide |
 |
 |
 |
 |
Connecting Emerging Threat Intel to Human Risk QuantificationJosh Bartolomie, Cofense |
Evolving from Annual Security Compliance Training to Risk-Based Policy and TrainingMichele Kim, Fitch Ratings |
Using Human Risk Management to Drive Behavioral ChangeBrandy Harris, CyberEd |
Scorecards & Vigilance: Unleashing the Power of Your Workforce for a More Secure FutureNick Marchiselli, Living Security |
|
|
|
|
Violet Sullivan
Crum & Forster | AVP, Cyber Solutions Team Leader
The State of Human Risk Quantification
It’s undeniable that the vast majority of cyber events can be attributed to human error. From falling victim to a phishing attack to misconfiguration of security controls, humans have the power to be the weakest link or the strongest asset when it comes to avoiding a cyber-attack. So how does the cyber insurance market quantify human susceptibility when evaluating an insured? In this session, an expert panel of cyber insurance risk managers and advocates discuss the status quo of human risk quantification, and how we hope to evolve evaluation of this risk facet.
About Violet
Ms. Sullivan is an industry-leading cybersecurity and privacy attorney and Certified Information Privacy Professional (CIPP/US) who has provided thousands of clients with cybersecurity, privacy and emerging technology (AI) services. She currently leads the Crum & Forster Cyber Solutions Team, providing cyber insurance policyholders with value added resources before, during and after a cyber incident. Her expertise in preparing businesses for cyber incidents and managing scaled breach responses has made her a trusted authority for public and private sector clients, including many Fortune 100 companies. Ms. Sullivan also serves as a professor of Cybersecurity & Privacy Law for Baylor Law School’s LLM. Program, where her focus on litigation management has made her course especially valuable to general counsels and leading law firms nationwide.
Living Security Blog
How Modern AI Attacks Target Employee Access and What Human Risk Management Must Do Next
New Anthropic research shows how a Chinese state sponsored group used AI to automate reconnaissance, exploit development, and credential harvesting across global targets. The attack succeeded because stolen usernames and passwords unlocked high privilege access. This article explains how Human Risk Management strengthens the identity layer by correlating security signals to human behavior and reducing the weak points AI driven attackers now exploit.
The Future Is Now: Introducing Human Risk Management. This is not just a name change. It is a significant change of mindset, strategy, process, and technology about how we approach an old problem in a new world.
Jinan Budge
| Chris Poirel | Sandy Evans | Erik Book | Nick Marchiselli |
|
|
|
|
| Data-Driven Decisions: Quantifying Behaviors to Mitigate Human Risk in HRM | Empowering Your Human Firewall: Orchestration for Cyber Resilience & Training | Own Your Security Journey: Empowering All Levels to Track Human Risk & Drive Continuous Improvement | Scorecards & Vigilance: Unleashing the Power of Your Workforce for a More Secure Future |
The Future Is Now: Introducing Human Risk Management. This is not just a name change. It is a significant change of mindset, strategy, process, and technology about how we approach an old problem in a new world
Jinan Budge
