Events , RSA Conference , RSA Conference Videos

Applying Human Risk Management for Better Security Awareness

Ashley Rose, Founder and CEO of Living Security, on Targeted Awareness Training
Ashley Rose, founder and CEO, Living Security

Creating and understanding risk profiles for individual users in an organization can help optimize the effectiveness of security awareness training, which is just one tool under the wider umbrella of human risk management, said Ashely Rose, founder and CEO of Living Security.

See Also: Safeguarding Election Integrity in the Digital Age

"There are loads of data in security programs and security technologies that have traditionally not been used in the human or identity context," she said. "Most of the time, we're sending that data back into a SIEM. We're looking at our infrastructure, our networks, our devices - but the human is overlooked," she said. Living Security's approach is to take all that data and bring it together in the context of the user.

"From there we can start understanding where is someone's strengths and weaknesses - where are the gaps in our security programs, which users are the most vigilant users that we should be looking at as security champions, and where are the riskiest users that we need to be paying more attention to," she said. "From there we can take the next step to administer things like security awareness training but doing it in a more intelligence, data-driven approach."

In this video interview with Information Security Media Group at RSA Conference 2024, Rose also discussed:

  • Why innovative approaches - such as simulated phishing, escape rooms and gamification - have a positive effect in engaging employees in security awareness training;
  • How Living Security uses machine learning and algorithms in bringing disparate information together to put the user in better context for targeted security awareness training;
  • How Living Security addresses privacy concerns.

Rose has been the driving force behind Living Security's rapid growth. Founding in 2017, the company is focused on reducing human risk and protecting organizations from cybercrime.

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.