SAINTCON 2023 - Sean McHenry - Engineering Your Employees Before They Are Socially Engineered

Sean McHenry

Empower your employees to make good cybersecurity decisions while protecting your organization from social engineering threats with expert insights on trust-building, education, and effective leadership.

Key takeaways
  • Employees are the most important asset when it comes to cybersecurity, but they are often overlooked.
  • Social engineering is a serious threat and can have devastating consequences, such as the unauthorized disclosure of customer records.
  • Trust must be built with employees and they must be empowered to make good decisions.
  • Understand the psychology of humans, including their motivations, biases, and assumptions.
  • Good communication and feedback are essential for building trust and improving engagement.
  • Governance, risk, and compliance are critical for ensuring the security of an organization’s systems and data.
  • Employees must be educated on cybersecurity best practices and encouraged to report suspicious activity.
  • Empathy and understanding are key to resolving conflicts and improving relationships.
  • Good leadership and management are essential for building a successful cybersecurity team.
  • Securing applications and networks is crucial for protecting an organization’s assets.
  • Conductance and resistance are important concepts in electronics and can be applied to cybersecurity.
  • The left tackle in a football team is like the security team, protecting the blind side and providing support.
  • Providing positive feedback and recognizing employee achievements is important for building trust and engagement.
  • The concept of “zing” refers to the energy and excitement that comes from doing something you love.
  • The concept of “op tempera” refers to the tendency to take the easy way out and avoiding challenges.
  • The concept of “creative destruction” refers to the process of innovation and improvement.