Security is not just about the technology; as the number of successful data breaches and cyberattacks continues to rise, we must ask ourselves what’s wrong with our training, education and awareness programs.
According to the 2017 SANS Security Awareness Report, 54 percent of security awareness professionals expressed that their organization is promoting awareness and behavior change, while 27 percent are simply compliance focused. Lack of resources (58 percent) and communication and employee engagement (30 percent) are the biggest challenges facing security awareness.
In this episode of the InSecurity Podcast, host Shaun Walsh is joined by special guests Beverly Allan, host of the podcast Practical Security Radio, and Dave Jordan, CISO for Arlington County, who discuss how best to deliver effective education and awareness campaigns so that individuals, organizations, and the community adopt and practice effective cybersecurity measures.
About Beverly Allen
Beverly Allen has worked in the security and technology industry for over two decades. She earned her undergraduate degree in Computer and Management Science from the University of Maryland, University College in College Park Maryland; and her Master's degree in Systems Engineering from the George Washington University's School of Engineering and Applied Science. She holds the Certified Information Systems Security Professional (CISSP) certification from (ISC)2; the Certified Information Systems Auditor (CISA), and Certified in Risk and Information Systems Control (CRISC) certifications from ISACA.
About Dave Jordan
As CISO for Arlington County, Jordan is responsible for Information Security Strategy, Policy and Cyber Incident Emergency Operations for the County. Prior to this role, he was an Independent Product Integrity Consultant to the Board of Directors of Latatel de America, MCI, SPRINT and TeleGlobe Canada. Previously, he worked in MCI’s headquarters as Senior Manager in the Systems Integrity Technical Security Engineering division.
During his time with MCI, he founded its Systems Integrity Division and represented MCI’s Technical Security Strategy to the industry. He was also one of the principal craftsmen of MCI’s anti-fraud and network security framework and served as its U.S. State Department delegate to the United Nations International Telecommunications Union (ITU).
Jordan was also instrumental in the development of Arlington County’s first SMS (Short Message Service) Alert System, and was a founding member of the National Capital Region Council of Governments CISO committee. He has been recognized with a number of awards including the Homeland Security Journal’s “Leadership Award” in 2006 and Computerworld’s “100 Premier IT Leaders” in 2004. He holds seven telecommunications patents to prevent telecom fraud.
About Shaun Walsh
Shaun Walsh (@cingulus) leads Cylance’s global marketing strategy, channels, campaigns, digital marketing and communications efforts. Prior to joining Cylance, Shaun served as VP of Corporate Marketing and GM of the Ethernet business unit at QLogic, and previously served as the SVP of Marketing and Corporate Development at Emulex.
About Matt Stephenson
Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance which puts him in front of crowds, cameras and microphones all over the world. Twenty years of work with the world’s largest security, storage and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come before.