Abstract: 

Organizations are constantly barraged with phishing campaign attacks, and one organization suffers a breach every fourteen seconds. According to the 2021 Verizon data breach report, over 85% of data breaches are due to human error. It is worth noting how the criminals get into an organization's systems and infrastructure. It comes down to phishing attacks or misconfigured and unpatched systems. One solution is utilizing a robust security awareness and training program. However, how many employees take it, retain it, or use it? If the program is useful, why do breaches continue to occur? Organizations have training programs. Employees complete it and move on. Unfortunately, most of the time, they don't remember it. Thus the next evolution of security awareness must be an influential security culture. Within security, culture is a security mindset for every employee and can significantly reduce the risk of a data breach among employees.  

Learning Objectives:

• Understand why security culture is essential and needed with security awareness and training

• Implementing policies for a strong security culture within your organization.

• How to effectively measure your security culture.

About the speaker: 

James McQuiggan has over 20 years of experience in cybersecurity. He is currently a Security Awareness Advocate for KnowBe4, where he is responsible for amplifying the organization's messaging related to the importance of, effectiveness of and the need for new-school security awareness training within organizations through social media, webinars, in-person presentations, industry trade shows and traditional media outlets.

McQuiggan is also a part-time faculty professor at Valencia College in the Engineering, Computer Programming & Technology Division. Within the Central Florida community, he is the president of the (ISC)2 Central Florida Chapter and a member of the Trustee Board for the Center for Cyber Safety and Education.