#56 – The Best Cybersecurity Defense (And It’s Not Found In Technology)


EFFECTED USERS: Everyone who uses the internet

Hair of fire 3 of 5

SUMMARY: Cybersecurity is about changing culture, not employing technology.

Last March, the White House puts out dire warnings about escalating cyberthreats. Today businesses nationwide are doing their best to fortify their data security tools and software.

But business leaders, and personal users are overlooking a hacker’s primary way in: vulnerable, exploitable humans. The best defense against cyberthreats, say two veteran cybersecurity strategists, lies in an organization’s security culture. 

More than 85% of breaches traced back to humans and ransomware attacks surfacing every two seconds—at a cost of billions of dollars. Whether you are in charge of cybersecurity for a Fortune 500 or your household—one thing is clear: promoting security information and “awareness” isn’t enough. You must bake security into your culture. 

Here with me to talk about all of this today is Kai Roer. Kai is the chief research officer for KnowBe4, and created the Security Culture Framework (SCF), which transformed the information security industry. He received the Ron Knode Service Award by the Cloud Security Alliance for his extensive volunteer work in the security community, he is a popular keynote speaker and guest lecturer, and is the author of two books on cybersecurity protection.

  1. What is a ‘culture’ related to cybersecurity
  2. How to scientifically measure your security culture across 7 unique dimension
  3. What is a good anthropological analogy for cybersecuity culture: Seatbelts

Security culture is a mysterious and confusing topic to many leaders. Most mistakenly believe that simply sharing best security practices will “fix” their people’s oh-so-risky behaviors, say PERRY CARPENTER and KAI ROER, authors of The Security Culture Playbook: An Executive Guide to Reducing Risk and Developing Your Human Defense Layer (Wiley; April 19, 2022). 

More about Kai:

His Twitter handle is: @kairoer

His LinkedIn Profile is https://www.linkedin.com/in/kairoer

Hi Blog is: roer.com

His company’s US webpage is: https://www.knowbe4.com/

His latest book is: https://www.securityculturebook.com/

See other books by Kai’s here: https://www.amazon.com/Kai-Roer/e/B004805MYC

That’s all the time we have!

Don’t forget to check out our sponsor, and home of my day-job: SAFE Classroom, at http://www.thesafe.io

Thanks for listening

Published by

David W. Schropfer

David W. Schropfer is the CEO of SAFE (Smartphone Authentication For Everyone), a cybersecurity company in New York (www.theSafe.io).  Every day, he and his team of professionals keep the people who use The SAFE Button protected from some of the most common traps, hacks and attacks that target computer systems of all sizes. David is the author of the bestselling cybersecurity book, Digital Habits: 5 Simple Tips to Help Keep You and Your Information Safe Online. His previous books, including The Smartphone Wallet and industry whitepapers, predicted some of the biggest trends in the payments, mobile, and security industries.  Since graduating Boston College, David earned an Executive MBA from the University of Miami.

One thought on “#56 – The Best Cybersecurity Defense (And It’s Not Found In Technology)

Comments are closed.