Podcasts about human risk

Why is it so hard to stop people playing vides, music or phone calls out loud on public transport — and what does that tell us about changing human behaviour? Show Summary This episode of The Human Risk Podcast is a little different. It is a cross-cast from The Freewheeling Podcast, hosted by Thomas Ableman, in which I join Thomas to tackle a problem raised by the show's most important listener: his mum.The issue? People using phones, videos, music and speaker calls out loud on trains and buses. What begins as a seemingly small transport etiquette problem quickly becomes a much bigger conversation about social norms, antisocial behaviour, customer experience, incentives, enforcement and the limits of signage. In our discussion, we explore why simply telling people to stop may not work, how reactance can make things worse, and why transport operators need to think more creatively about behaviour change.Along the way, we consider quiet carriages, “electronic entertainment carriages”, cheap headphones, better-targeted messaging, staff intervention, social media campaigns and the wider question of whether public transport operators are responsible for the behaviour of the humans they carry.The Freewheeling Podcast The Freewheeling Podcast  is a show for transport change-makers. It explores how we can move forwards faster, bringing listeners fresh voices, new ideas and unconventional thinking.While it has a strong focus on transport and mobility, the show also ranges into entrepreneurship, politics, public policy, cities and how systems can be designed to work better for the people who use them.Links The Freewheeling Podcast - https://www.freewheeling.info/the-freewheeling-podcastThomas on LinkedIn - https://www.linkedin.com/in/thomasableman/

Send us Fan MailYou can't just “train harder” to mitigate human risk. We sit down with Ashley Rose, CEO and co-founder of Living Security, to unpack why classic security awareness training (SAT) often produces neat dashboards with flimsy outcomes, and what it takes to build a security culture that people actually engage with. Ashley shares her non-traditional path into cybersecurity, how marketing principles map nicely to behavior change, and why the security team has to become approachable if we want employees to ask questions, report issues, and stop working around controls. We trace Living Security's early days running security escape rooms, then zoom out to the bigger shift: human risk management (HRM) as a true risk management function. That means moving beyond completion rates and phishing simulations to quantify likelihood and impact using real signals across behavior, threat, and identity. We get specific about what that looks like in practice: endpoint compliance, MFA adoption, password hygiene, dark web credential exposure, privilege levels, and blast radius. The payoff is prioritization and focus, including the uncomfortable reality that a small percentage of users can drive a majority of measurable risk. We also dig into the hard parts that make or break programs: integrating data in messy enterprises, avoiding noisy alert floods, and operationalizing outcomes through automation and adaptive controls. One of the most practical takeaways is simple but sharp: make the secure path the easiest one to follow. When people repeat risky actions, it often signals friction and broken business processes, not “bad users.” We close by looking ahead to a hybrid workforce where humans and AI agents share access, shifting the workforce attack surface again. If you're a CISO, security leader, or practitioner trying to prove ROI, reduce phishing and insider risk, and modernize security awareness into measurable human risk management, hit play. Subscribe, share with a teammate, and leave a review, then tell us: what's the most broken workflow in your organization that security should fix first?

Flavius Plesu is the founder and CEO of OutThink, a revolutionary Human Risk Management Platform (SaaS) empowering CISOs by targeting the source of 90% of all data breaches: human behavior. In this episode, he joins host Charlie Osborne and Jim Rutt, CIO/CISO at The Dana Foundation, to discuss human risk and how its perception has evolved within the cybersecurity industry. Culture Shapes Security is a Cybercrime Magazine podcast series brought to you by OutThink. To learn more about our sponsor, visit https://outthink.io.

Send us Fan MailKen Rayner and Kenrick Bagnall of RB Cyber, detailed a comprehensive security architecture designed to bridge the gap between human vulnerability and technical resilience. The strategy centers on two flagship solutions: Watchdog, which provides advanced human-risk monitoring, policy governance, and seamless integration with Google Workspace, Microsoft 365, and major EDR/MDM platforms; and NeuShield, featuring patented Mirror Shielding technology. This innovative approach allows for near-instant ransomware recovery, with current support for NTFS, OneDrive, and Windows environments, and macOS compatibility arriving shortly. Beyond software, the offering provides a high-touch “A-Team” incident response service via a 1-800 hotline, supplemented by specialized legal and PR support to manage the aftermath of a breach.

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-443

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Show Notes: https://securityweekly.com/bsw-443

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-443

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Show Notes: https://securityweekly.com/bsw-443

Aujourd'hui, nous plongeons au cœur du défi numéro un de la cybersécurité moderne : le risque humain.Car ne vous y trompez pas, si les pare-feu et les algorithmes de détection sont de plus en plus robustes, les attaquants, eux, ont trouvé une parade bien plus efficace : pirater l'utilisateur plutôt que la machine. L'effondrement du paradigme technocentréPremier point de rupture, l'effondrement du paradigme technocentré.Pendant des années, la réponse à toute menace a été l'empilement de solutions logicielles affirme le rapport The State of Human Risk 2026 de la société Mimecast.Pourtant, aujourd'hui, la majorité des incidents majeurs ne provient pas d'une faille de code, mais d'un abus d'identifiants ou d'une erreur de manipulation de la part des utilisateurs.Et les cybercriminels exploitent systématiquement ces faiblesses.On sécurise des forteresses videsMais le problème n'est pas que l'humain est faible. En fait nos systèmes de protection n'ont pas été pensés pour la manière dont les employés travaillent réellement en 2026.En clair, on sécurise des forteresses vides alors que les employés sont déjà dehors, exposés à un hameçonnage ultra-personnalisé par l'IA.Ensuite, il faut regarder la réalité mathématique de ce risque, et elle est frappante.Saviez-vous que seulement 8 % des collaborateurs sont à l'origine de 80 % des incidents de sécurité ?En clair, nous faisons face à une concentration extrême du danger.Et attention, on ne parle pas ici de sabotage interne ou de malveillance. Il s'agit la plupart du temps d'employés bien intentionnés, mais victimes de la fatigue, de la distraction ou de tactiques d'ingénierie sociale tellement sophistiquées qu'elles deviennent indétectables.Et l'impact financier, lui, n'a rien de virtuel. Un seul incident lié à une menace interne coûte en moyenne 13 millions de dollars.La place de la FranceEnfin, comment se situe la France dans ce paysage mouvant ?Le marché français se distingue par une posture de "pragmatique prudent" selon l'étude.Les décideurs français ne cèdent pas à la panique mais adoptent une approche méthodique. Les DSI français ont compris que l'IA sert avant tout aux attaquants pour créer des leurres parfaits.Pour y répondre, la France mise sur deux leviers.D'abord, une gouvernance de fer héritée des secteurs très réglementés comme la banque, qui tire l'ensemble du marché vers le haut.Ensuite, une conviction profonde que la technologie seule est aveugle sans formation.En France, l'éducation des utilisateurs est donc perçue comme un investissement de sécurité prioritaire.Le ZD Tech est sur toutes les plateformes de podcast ! Abonnez-vous !Hébergé par Ausha. Visitez ausha.co/politique-de-confidentialite pour plus d'informations.

Three decades. Billions of dollars in security investment. And the human element still sits behind 68% to 72% of every breach that happens. If that statistic does not make you uncomfortable, you have probably been in this industry long enough to have accepted it as inevitable. Masha Sedova has not accepted it, and this episode is the result of a career spent refusing to.Masha co-founded Elevate Security, built it into the leading human risk management platform in the space, and watched it get acquired by Mimecast - where she now leads human risk strategy and product across a portfolio that combines email security, DLP, collaboration security, and behavioral risk intelligence under one roof. She is one of the most rigorous thinkers working at the intersection of people and security, and this conversation left me genuinely rattled in the best possible way.We talk about what human risk management actually is and why calling it a rebrand of security awareness is a disservice to both categories. We get into the 8/80 rule - the finding that 8% of your workforce is responsible for 80% of your incidents - and what it means for how security budgets should actually be allocated. We cover the four personas framework, the open ecosystem bet, the board conversation, and the cultural debt that the phrase 'humans are the weakest link' has accumulated over thirty years. I push back where I think the industry has not fully reckoned with what it is building, and Masha pushes right back.If you work in cybersecurity in any capacity - whether you are a CISO, a founder, an investor, or a marketer trying to understand what your buyers actually care about - this episode will change how you think about the human element problem.Listen and enjoy.A special thanks to our friends at Mimecast for partnering with us to tell this story. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit audience1st.substack.com

Generative AI is being adopted faster than almost any technology in recent history. The productivity upside is massive—but so are the security implications. As companies rush to integrate AI into everyday workflows, many are discovering that the biggest risks aren't always technical—they're human. In this episode of Right About Now, Ryan sits down with Nicole Jiang, co-founder and CEO of Fable Security, to unpack how organizations can embrace AI while protecting sensitive data and minimizing human-driven security risks. Nicole explains why AI adoption is creating a divide between companies moving quickly and those falling behind, and why security strategies must evolve just as fast. They also explore how human behavior often becomes the weakest link in cybersecurity—from employees unintentionally sharing sensitive information with AI tools to organizations failing to clean up messy data systems before adopting new technologies. Nicole shares how companies can rethink security training, why traditional cybersecurity tools miss the human layer, and simple steps individuals can take to practice better AI hygiene in their daily work. Topics Covered Why AI adoption is accelerating faster than most security frameworks The growing gap between AI-enabled companies and slower adopters How human behavior creates new cybersecurity risks What sensitive information employees accidentally share with AI tools Why data hygiene matters before adopting AI systems The rise of AI-powered phishing and social engineering attacks How companies can balance innovation with security Why traditional security tools struggle with human risk The difference between security training vs. real-time coaching Practical tips for building better AI security habits Sponsors Wix Building a website and need a little help? Go to wix.com/harmony.  That's wix.com/harmony. To start your website today! Connect With The Guest Nicole Jiang Co-Founder & CEO, Fable Security Website: https://fablesecurity.com LinkedIn: Nicole Jiang Fable Security builds human-risk security platforms that help organizations identify risky employee behavior and deploy targeted interventions to improve cybersecurity practices. Connect With The Host Ryan Alford Host of Right About Now Website: www.RyanisRight.com Instagram: @ryanalford LinkedIn: Ryan Alford

In today's threat environment, attackers don't just target systems. They target people—and artificial intelligence is accelerating that reality. Generative AI enables social engineering at a scale and level of personalization that many organizations are not prepared to meet. Especially with yesterday's security awareness models.Today's guest is Matt Lindley, the Chief Innovation & Information Security Officer at NINJIO, a cybersecurity awareness training and human risk management platform. Matt is known for his work in emerging cyber threats, social engineering, compliance, AI strategy and transformation, and security risk management—especially where the human element is the critical variable.This conversation explores what modern human risk management looks like when the adversary can quickly and cheaply produce convincing messages, voices, and narratives. We'll also touch on two practical supporting themes: How to measure human risk with meaningful metrics, and how to drive culture change without creating security fatigue.

In episode 173 of Cybersecurity Where You Are, Sean Atkinson is joined by Roger Grimes, CISO Advisor at KnowBe4. Together, they discuss "scammer jousting," a term coined by Tony Sager which describes empowering organizations to manage human risk using simulated phishing.Here are some highlights from our episode:01:05. How simulated phishing and scammer jousting manage human risk03:48. The shift in perception of security awareness training over the past 20 years06:19. The need for testing to build capability and resiliency amongst employees09:27. The many faces of phishing attacks and the impact of generative artificial intelligence15:00. How gamification is proven to help users learn more in their cybersecurity training16:57. How data empowers organizations to communicate the potential impact of a phish19:57. The use of behavior engineering to foster a stronger security culture23:56. The value of customer feedback in continuously enhancing phishing training29:52. Continuous and hyper-personalized training as the future of spammer joustingResourcesEpisode 77: Data's Value to Decision-Making in CybersecurityEpisode 98: Transparency as a Tool to Combat Insider ThreatsA Short Guide for Spotting Phishing AttemptsCIS Controls v8.1 Security Awareness Skills Training Policy TemplateSANS Workforce Security and Risk TrainingThe Evolving Role of Generative Artificial Intelligence in the Cyber Threat LandscapeEpisode 110: How Security Culture and Corporate Culture MeshIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

Adam Keown is the CISO at Eastman. In this episode, he joins host Scott Schober and Kendra Cooley, Senior Director of Information Security and IT at Doppel, to discuss humans and the evolving cyber threat landscape, including what tailored, environment-specific training looks like, ideal resilience programs, and more. This episode of CISO Confidential is brought to you by Doppel. Learn more about our sponsor at https://doppel.com.

The Future of Human-Centered Risk Reduction in Tech: AI, Cybersecurity, and Developer Empowerment | Hosted by Gary Fowler | Top Global StartupsJoin Elizabeth Lawler Founder and CEO of AppMap, in a powerful conversation with Gary Fowler as they explore how AI, security, and next-gen developer tools are reshaping the future of innovation. From her background as a scientist and healthcare data expert to founding multiple high-impact startups acquired by industry leaders, Elizabeth shares real-world insights on protecting humans—not just systems—in the age of intelligent software.Insights You'll Learn:✓ Why reducing human risk is the most overlooked priority in modern tech✓ How AI is reshaping cybersecurity, DevOps, and developer workflows✓ Lessons from founding Conjur (acquired by CyberArk) and scaling AppMap to hundreds of thousands of users✓ The rise of code-level observability and why it matters today✓ How founders can navigate burnout, complexity, and emotional load while building high-impact companies✓ The future of secure AI-driven software development✓ What it takes to innovate at the intersection of data, security, and human behaviorWhy This Matters:As AI accelerates development and automation, the biggest vulnerabilities are shifting from systems to people. AppMap is pioneering a new approach: empowering developers with real-time intelligence directly inside their tools, reducing errors, vulnerabilities, and risk before they happen.Elizabeth's journey—from healthcare data science to cybersecurity, dev tools, and startup coaching—offers rare insight into what it truly takes to build safer, smarter, and more human-centered technology.

In this episode of Partnerships Unraveled, we sit down with Nihil Morjaria, Chief Revenue Officer at usecure — a UK-based cybersecurity vendor that has built its go-to-market strategy around managed service providers (MSPs) and distribution partners. Nihil unpacks how usecure pivoted from a direct sales model to becoming a channel-first organization, scaling to over 1,800 billing partners without compromising depth of enablement. From rebuilding their product and licensing model for MSP scalability to embedding automation and self-serve onboarding technology, Nihil shares a playbook that's turned strategic alignment into measurable growth.Channel professionals will gain a blueprint for what it really means to build a partner-centric organization. Nihil dives into the key elements that make vendors channel-friendly from flexible billing and multi-tenancy to product simplicity and marketing enablement. He also highlights one of today's most overlooked growth opportunities: compliance-as-a-service. Offering practical advice and real-world frameworks, this episode is a must-listen for anyone looking to evolve faster and scale smarter in the channel.Tune in for a refreshing, hands-on perspective on GTM transformation, MSP enablement at scale, and the growing importance of human risk management in evolving compliance needs._________________________Learn more about Channext

In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• The White House fired 176 CISA employees on Friday, with more layoffs fearedLayoffs, reassignments further deplete CISA• Top cyber lawmaker wants answers on CISA workforce reductions• Tech industry unites behind bipartisan effort to urgently reauthorize US cyber threat information sharing law• What They Are Saying: Technology Stakeholders Urge Passage Of Peters & Rounds Bipartisan Bill To Restore Critical Cybersecurity Protections (CISA 2015)Main Topics:F5, AWS, Third Party Risk & Resilience:• AWS: Operational issue - Multiple services (N. Virginia). • AWS: Operational issue - Multiple services (N. Virginia). [RESOLVED] Increased Error Rates and Latencies• What the Huge AWS Outage Reveals About the Internet• AWS outage exposes Achilles heel: central control plane• F5: K000154696: F5 Security Incident• F5, Inc. Form 8K • ED 26-01: Mitigate Vulnerabilities in F5 DevicesRansomware & Data Breaches: • IT-ISAC: Quarterly IT Sector Ransomware Analysis Q3 2025, July -September. PDF.• BlackFog's 2025 Q3 Ransomware ReportArctic Wolf 2025 Human Risk Report Reveals Escalating Breaches, Overconfidence in Phishing Defenses, and Risky AI Behavior. Key findings from the 2025 Human Risk Behavior Snapshot include:Quick Hits:• AG Platkin Sets Standards for Active-Shooter Readiness • Satellites Are Leaking the World's Secrets: Calls, Texts, Military and Corporate Data• NCSC Warns Data Centres Face Rising Cybersecurity Threats• Microsoft Dominates Phishing Impersonations in Q3 2025 • UK NCSC - UK experiencing four 'nationally significant' cyber attacks every week• UK NPSA: Protecting our Democratic Institutions: Countering Espionage and Foreign Interference • DDoS Botnet Aisuru Blankets US ISPs in Record DDoS

Jeremy Maldonado breaks down cybersecurity fundamentals from a real-world IT operations perspective. From phishing and social engineering to patching best practices and zero trust, Jeremy shares practical insights to help you protect your organization — starting with your own behavior.He covers:Why the human factor is still your biggest vulnerabilityThe basics of zero trust in everyday communicationSocial engineering red flags to watch forHow to think strategically about patch prioritizationWhy most orgs still struggle with timely patchingTips for human-controlled automation using the Automox consoleWhether you're new to cybersecurity or want to tighten your patching strategy, this episode gives you a tactical refresh on where to focus your attention.

Join G Mark Hardy, host of CISO Tradecraft, as he breaks down the latest insights from the 2025 Verizon Data Breach Investigations Report (DBIR). In this episode, discover the top 10 takeaways for cybersecurity leaders including the surge in third-party breaches, the persistence of ransomware, and the human factors in security incidents. Learn actionable strategies to enhance your organization's security posture, from improving vendor risk management to understanding industry-specific threats. Stay ahead of cybercriminals and secure your data with practical, data-driven advice straight from one of the industry's most anticipated reports. Verizon DBIR - https://www.verizon.com/business/resources/reports/dbir/ Transcripts - https://docs.google.com/document/d/1h_YMpJvhAMB9wRyx92WkPYiKpFYyW2qz Chapters 00:35 Verizon Data Breach Investigations Report (DBIR) Introduction 01:16 Accessing the DBIR Report 02:38 Key Takeaways from the DBIR 03:15 Third-Party Breaches 04:32 Ransomware Insights 08:08 Exploitation of Vulnerabilities 09:39 Credential Abuse 12:25 Espionage Attacks 14:04 System Intrusions in APAC 15:04 Business Email Compromise (BEC) 18:07 Human Risk and Security Awareness 19:19 Industry-Specific Trends 20:06 Multi-Layered Defense Strategy 21:08 Data Leakage to Gen AI

Join G Mark Hardy, host of CISO Tradecraft, as he breaks down the latest insights from the 2025 Verizon Data Breach Investigations Report (DBIR). In this episode, discover the top 10 takeaways for cybersecurity leaders including the surge in third-party breaches, the persistence of ransomware, and the human factors in security incidents. Learn actionable strategies to enhance your organization's security posture, from improving vendor risk management to understanding industry-specific threats. Stay ahead of cybercriminals and secure your data with practical, data-driven advice straight from one of the industry's most anticipated reports. Verizon DBIR - https://www.verizon.com/business/resources/reports/dbir/ Transcripts - https://docs.google.com/document/d/1h_YMpJvhAMB9wRyx92WkPYiKpFYyW2qz Chapters 00:35 Verizon Data Breach Investigations Report (DBIR) Introduction 01:16 Accessing the DBIR Report 02:38 Key Takeaways from the DBIR 03:15 Third-Party Breaches 04:32 Ransomware Insights 08:08 Exploitation of Vulnerabilities 09:39 Credential Abuse 12:25 Espionage Attacks 14:04 System Intrusions in APAC 15:04 Business Email Compromise (BEC) 18:07 Human Risk and Security Awareness 19:19 Industry-Specific Trends 20:06 Multi-Layered Defense Strategy 21:08 Data Leakage to Gen AI

What really happens Behind The Scenes at Human Risk? 

Adam Marre is the CISO at Arctic Wolf. In this episode, he joins Oz Alashe, founder and CEO at CybSafe, and host Scott Schober to discuss security awareness training and human risk management, including his experience as a special agent with the FBI, how organizations can implement successful strategies, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com.

Human risk within any organization is often not given enough attention when it comes to monitoring and tracking the behavior of employees, such as phishing attempts, security training, etc. I sat down with Mathias Zeumer, North America Channel Manager at usecure, to talk about their approach to security awareness training, share a few horror stories, and discuss how vendors like usecure and others are starting to map their products/services to frameworks and having that checked or validated by an independent 3rd party.

Ariel Saldin Weintraub is the CISO at Aon. In this episode, she joins Oz Alashe, founder and CEO at CybSafe, and host Scott Schober to discuss security awareness training and human risk management, including her experience in the CISO role at MassMutual, how being a leader in the industry has influenced her approach to human cybersecurity efforts, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com.

Rinki Sethi is an experienced CISO (Chief Information Security Officer) and board member in the cybersecurity industry. In this episode, she joins Oz Alashe, founder and CEO at CybSafe, and host Scott Schober to discuss security awareness training and human risk management, including effective strategies, innovative approaches, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com.

Tammy Klotz, CISO at Trinseo, has over three decades of diverse experience in the manufacturing industry, specializing in cybersecurity and transformational leadership. In this episode, she joins Oz Alashe, founder and CEO at CybSafe, and host Heather Engel to discuss security awareness training and human risk management, including how organizations can prioritize human risk management and security awareness training for employees alongside other organizational security concerns, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com.

Joe Aiello is the Vice President Of Infrastructure & Cybersecurity at Suffolk Credit Union, an award-winning Long Island credit union. In this episode, he joins Oz Alashe, founder and CEO at CybSafe, and host Scott Schober to discuss security awareness training and human risk management, including the unique needs of credit unions when it comes to cybersecurity, how leaders can protect and empower employees, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com.

Kirsten Davies is the founder and CEO of the Institute for Cyber Civics and the former CISO of many well-known organizations, including Unilever and The Estée Lauder Companies Inc. In this episode, she joins Oz Alashe, founder and CEO at CybSafe, and host Charlie Osborne to discuss security awareness training and human risk management, including best practices for CISOs and security leaders at large enterprises, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com.

Adeel Saeed was a CISO in his last 2 roles and is now the CTO at Kyndryl. In this episode, he joins Oz Alashe, founder and CEO at CybSafe, and host Scott Schober to discuss security awareness training and human risk management, including best practices for CISOs and security leaders at large enterprises, new risks posed by AI-powered phishing, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com

A new year brings new questions and more insights to the topic of Highly Pathogenic Avian Influenza. Dr. Mike Brasher is joined by leading experts in the field of avian influenza, Dr. Dave Stallknecht, Dr. Richard Webby, and Dr. Jennifer Ballard to discuss the current status of avian influenza, what we've learned since 2022, and what we still don't understand. Recent changes have been noted in the genetic code of the circulating virus, but what does this mean for the risk it poses to birds, mammals, and humans? How do we study these changes? What waterfowl species are most affected, and do we understand why these effects differ among species? Also discussed is recent science about risks to hunting dogs, what hunters need to do if they observe sick or dead birds, why hunters should be vigilant about being tested for avian flu if they feel ill, and how we can all work to reduce the likelihood of the virus becoming more severe. Tune in for an information-packed episode that is of growing relevance to everyone.Listen now: www.ducks.org/DUPodcastSend feedback: DUPodcast@ducks.org

Can you distill a complex concept into a single sketch? Jono Hey can and on this episode, he joins me to talk about Sketchplanations —a project that explains the world, one sketch at a time.SummaryI've been a long-time admirer of Jono's work, which makes complex ideas accessible and engaging through simple, elegant sketches. We discuss how he manages to turn abstract or intricate concepts into visual explanations that resonate with so many people, while maintaining accuracy and nuance. Jono has a fascinating background in product design and UX, and he shares how his professional journey has influenced his approach to Sketchplanations. We dive into his creative process, discussing the challenges of staying true to his vision while balancing the pressure for commercial success. Jono opens up about the origins of his project, the tools he uses, and the philosophy that keeps him motivated after more than 900 sketches .We also explore the broader lessons that designers, educators, and anyone curious about the world can draw from Sketchplanations.From navigating the challenge of accuracy to embracing creativity in visual form, Jono's insights are valuable for anyone looking to communicate ideas more effectively or understand the world a little better. Guest BiographyJono Hey is the creator of Sketchplanations—a series of sketches that aim to explain the world, one concept at a time. He has a rich background in product design and UX, having worked with various startups, including Nutmeg and Zen Educate, where he led UX, design, and product development. His passion project, Sketchplanations, has gained a wide audience due to its clear, engaging visuals that break down complex ideas into easily digestible formats. Beyond Sketchplanations, Jono has a PhD in product design and has worked across multiple industries, applying his expertise in design thinking and growth strategy. AI-Generated Timestamped Summary [00:00:00] Introduction to the show and Jono Hey's work [00:01:00] My admiration for Sketchplanations and Jono's mission [00:02:00] Jono's background in product design and UX[00:04:00] What Sketchplanations are and how they began [00:06:00] Jono's creative challenge and learning exercise [00:08:00] The eclectic nature of Sketchplanations topics [00:11:00] The balance between commercial success and staying true to his interests [00:13:00] How Jono chooses what to sketch and the role of curiosity [00:16:00] The process behind creating each Sketchplanation [00:19:00] Challenges of accuracy and oversimplification [00:22:00] The role of sketches as jumping-off points for further exploration [00:25:00] Staying motivated and balancing artistic integrity with audience feedback [00:29:00] Jono's analogy of a good teacher as a DJ for learning [00:33:00] The importance of timeless content and building a long-term project [00:37:00] Using sketches to connect different topics and foster curiosity [00:43:00] The constraints that shape Sketchplanations' format and identity [00:52:00] Keeping the creative process grounded in simplicity and accessibility [00:57:00] Jono's decision to allow open use of Sketchplanations for non-commercial purposes [01:01:00] The idea of building a community around freely accessible content [01:04:00] The Sketchplanations podcast, co-hosted by Jono, Rob Bell and Tom Pellereau, and what it offers listenersLinks Sketchplanations website:  www.sketchplanations.comSketchpanation podcast: https://podcast.sketchplanations.com/ Jono's book ‘Big Ideas, Little Pictures: Explaining the world one sketch at a time': https://sketchplanations.com/big-ideas-little-pictures The YouTube video Jono released to reflect what he'd learned from 900 Sketchplanations: https://www.youtube.com/watch?v=n8pWsaeRb8g Sketchplanations referred to on the show The Golden Circle: https://sketchplanations.com/the-golden-circleand the associated Sketchplanations pod episode: https://podcast.sketchplanations.com/the-golden-circle/ Herd Immunity: https://sketchplanations.com/herd-immunity The Olympic Flag: https://sketchplanations.com/the-olympic-flag The Solstice: https://sketchplanations.com/solstice The Moon Illusion: https://sketchplanations.com/the-moon-illusion The Swiss Cheese Model: https://sketchplanations.com/the-swiss-cheese-model Human Risk: https://sketchplanations.com/human-riskand the associatedSketchpanations pod episode: https://podcast.sketchplanations.com/human-risk-with-christian-hunt/

Guest: Jacqueline Jayne, The Independent Cybersecurity ExpertOn LinkedIn | https://www.linkedin.com/in/jacquelinejayne/At AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/jacqueline-jayne-smictHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesDuring the On Location series at AISA Cyber Con 2024 in Melbourne, the conversation about cybersecurity turns engaging as Jacqueline Jayne, Security Awareness Advocate, shares her experience on human risk management and cybersecurity education. Her insights bring forward crucial points on bridging the gap between human behavior and technological security measures.One pivotal topic discussed is the persistent challenge of human error in cybersecurity. Jacqueline highlights that human error now accounts for over 90% of security breaches. The approach to mitigating these risks isn't merely technological but educational. She emphasizes the need for comprehensive security awareness training and shifting organizational culture towards proactive risk management.Jacqueline shares, “Organizations should redefine IT departments from the ‘Department of No' to the ‘Department of K-N-O-W.'” She believes that instead of restricting users, organizations should focus on empowering them with knowledge, emphasizing the importance of comprehensive training that connects with employees on a personal level.Throughout the conversation, the importance of contextual and relatable education stands out. Jacqueline advocates for simulated phishing campaigns to provide real-world scenarios for employees. By understanding and experiencing what a phishing attempt looks like in a controlled environment, employees can better recognize and react to actual threats.Another compelling point is teaching digital citizenship from a young age. Jacqueline compares cybersecurity education to road safety education. Just as children learn road safety progressively, digital safety should be ingrained from an early age. Appropriate and guided exposure to technology can ensure they grow up as responsible digital citizens.The discussion also touches on parental and organizational roles. Jacqueline discusses the proposal of banning social media for children under 16, acknowledging its complexity. She suggests that though banning might seem straightforward, it's more about educating and guiding children and teenagers on safe digital practices. Organizations and parents alike should collaborate to create a safer and more informed digital environment for the younger generation.Towards the end, the dialogue shifts to the potential role of AI in enhancing cybersecurity awareness. There's a consensus on using AI not as a replacement but as an augmentative tool to alert and educate users about potential threats in real-time, potentially mitigating the risk of human error. In conclusion, the conversation highlights the indispensable role of education in cybersecurity. JJ's perspective fosters a comprehensive approach that includes organizational culture change, continuous engagement, and early digital citizenship education. It's not just about implementing technology but evolving our collective behavior and mindset to ensure a secure digital future.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesThe top 10 skills your security awareness and culture person must have with no IT or cyber skills in sight (Session): https://melbourne2024.cyberconference.com.au/sessions/session-OZ4j4mTr1OKeeping our kids safe online: The essential information for parents and caregivers (Session): https://melbourne2024.cyberconference.com.au/sessions/session-oBf7Gjn2xGSecurity awareness 2.0: The paradigm shift from training and simulations to engagement and culture: https://melbourne2024.cyberconference.com.au/sessions/session-drDWsOKBsLLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

Guest: Jacqueline Jayne, The Independent Cybersecurity ExpertOn LinkedIn | https://www.linkedin.com/in/jacquelinejayne/At AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/jacqueline-jayne-smictHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesDuring the On Location series at AISA Cyber Con 2024 in Melbourne, the conversation about cybersecurity turns engaging as Jacqueline Jayne, Security Awareness Advocate, shares her experience on human risk management and cybersecurity education. Her insights bring forward crucial points on bridging the gap between human behavior and technological security measures.One pivotal topic discussed is the persistent challenge of human error in cybersecurity. Jacqueline highlights that human error now accounts for over 90% of security breaches. The approach to mitigating these risks isn't merely technological but educational. She emphasizes the need for comprehensive security awareness training and shifting organizational culture towards proactive risk management.Jacqueline shares, “Organizations should redefine IT departments from the ‘Department of No' to the ‘Department of K-N-O-W.'” She believes that instead of restricting users, organizations should focus on empowering them with knowledge, emphasizing the importance of comprehensive training that connects with employees on a personal level.Throughout the conversation, the importance of contextual and relatable education stands out. Jacqueline advocates for simulated phishing campaigns to provide real-world scenarios for employees. By understanding and experiencing what a phishing attempt looks like in a controlled environment, employees can better recognize and react to actual threats.Another compelling point is teaching digital citizenship from a young age. Jacqueline compares cybersecurity education to road safety education. Just as children learn road safety progressively, digital safety should be ingrained from an early age. Appropriate and guided exposure to technology can ensure they grow up as responsible digital citizens.The discussion also touches on parental and organizational roles. Jacqueline discusses the proposal of banning social media for children under 16, acknowledging its complexity. She suggests that though banning might seem straightforward, it's more about educating and guiding children and teenagers on safe digital practices. Organizations and parents alike should collaborate to create a safer and more informed digital environment for the younger generation.Towards the end, the dialogue shifts to the potential role of AI in enhancing cybersecurity awareness. There's a consensus on using AI not as a replacement but as an augmentative tool to alert and educate users about potential threats in real-time, potentially mitigating the risk of human error. In conclusion, the conversation highlights the indispensable role of education in cybersecurity. JJ's perspective fosters a comprehensive approach that includes organizational culture change, continuous engagement, and early digital citizenship education. It's not just about implementing technology but evolving our collective behavior and mindset to ensure a secure digital future.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesThe top 10 skills your security awareness and culture person must have with no IT or cyber skills in sight (Session): https://melbourne2024.cyberconference.com.au/sessions/session-OZ4j4mTr1OKeeping our kids safe online: The essential information for parents and caregivers (Session): https://melbourne2024.cyberconference.com.au/sessions/session-oBf7Gjn2xGSecurity awareness 2.0: The paradigm shift from training and simulations to engagement and culture: https://melbourne2024.cyberconference.com.au/sessions/session-drDWsOKBsLLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

Teresa Zielinski, CISSP, is the Global CISO at GE Vernova. In this episode, she joins Oz Alashe, founder and CEO at CybSafe, and host Paul John Spaulding to discuss security awareness training and human risk management, including where large organizations are in the shift, how the risk landscape has evolved, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com

In a world filled with AI-generated deceptions, how do we discern what's real? Ron sits down with Perry Carpenter, author of FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions, to discuss the risks and the potential of synthetic media and human risk management. Whether you're worried about deepfakes or curious about AI's role in creativity, this episode has something for everyone. Impactful Moments: 00:00 – Intro 00:49 – Synthetic voices surprise in mastermind 01:42 – Perry's new book FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions 03:42 – Psychology's role in cybersecurity 06:07 – Human risk management explained 09:14 – Deepfakes in fraud and scams 15:13 – Demo of deepfake voices 20:22 – Using cakes to explain large language models  27:00 – AI helps overcome creative blocks 32:00 – Managing AI hallucinations and risks Connect with our guest, Perry Carpenter: https://www.linkedin.com/in/perrycarpenter Purchase a copy of Perry's book FAIK here: https://www.amazon.com/FAIK-Practical-Disinformation-AI-Generated-Deceptions/dp/1394299885 Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

What do you think of when you hear the words Diversity, Equity & Inclusion (DE&I)? If it's something negative, then this is the episode for you; because I'm exploring how we can transform DE&I from something theoretical but impractical to something that can really work and have a positive impact for everyone. In other words, how we can de-polarize it?On this milestone 300th episode of the Human Risk podcast, I'm joined by three remarkable guests—Chloé Valdary, Morgan Hamel, and Peter Stein—who are working together to revolutionize how organizations approach DE&I.Morgan, a former fashion ethicist, shares her story of navigating the challenges of DE&I while running her own business and how it led her to Chloé and Peter's groundbreaking work at The Theory of Enchantment.Throughout the episode, we explore how their unique approach moves away from traditional and often divisive methods of addressing DE&I. Instead, they advocate for a humanistic approach that fosters genuine connection and respect, even across seemingly insurmountable divides.If you've ever felt disillusioned by standard DE&I strategies, this conversation will open your eyes to a new way of thinking.You'll also hear about the challenges of implementing meaningful DE&I practices in today's polarized world, with real-world examples of companies that have struggled — and sometimes failed — to get it right. This is a refreshing and practical discussion for leaders and professionals who want to find a more sustainable, inclusive, and human-centred way to manage DE&I in the workplace.Biography of the GuestsMorgan Hamel describes herself as a fashion ethicist and former compliance officer, now focused on exploring the intersection of ethics, reputation, and diversity in business. Morgan ran her own fashion company, The Garment, where she experienced firsthand the challenges of navigating DE&I, ultimately leading her to close the business. Passionate about finding new solutions to old problems, Morgan now collaborates with Chloe and Peter to help businesses tackle polarization and inclusivity more meaningfully.Chloé Valdary founded The Theory of Enchantment, an innovative framework for DE&I that emphasizes compassion, curiosity, and emotional resilience. Chloé's work has gained international recognition for its refreshing take on a traditionally contentious space. She's committed to depolarizing organizations and fostering environments where diverse perspectives are welcomed and celebrated.Peter Stein partners with Chloé at The Theory of Enchantment, bringing a broad humanist perspective to the world of DE&I. With a background that spans academia and business, Peter focuses on building bridges across ideological divides, helping organizations heal from the harm caused by poorly implemented DE&I practices. His work is rooted in a belief that compassion and open dialogue are key to effective change.AI-Generated Timestamped Summary[00:00:00] Introduction: 300th episode celebration and series overview[00:01:00] Introducing guests: Morgan, Chloe, and Peter's unique collaboration[00:03:00] Morgan shares her journey from running a fashion company to her current focus on ethics and DE&I.[00:09:00] The difficulty of finding DE&I approaches that unify rather than divide.[00:16:00] Chloe discusses the harm caused by mainstream DE&I practices and the need for more human-centered approaches.[00:22:00] Peter shares stories of organizations harmed by divisive DE&I programs.[00:36:00] Morgan's reflections on the value of the Theory of Enchantment's work in depolarizing organizations.[00:50:00] The power of viewpoint diversity and why curiosity is key to effective DE&I.[00:54:00] Conclusion: What to expect in future episodes featuring more in-depth interviews with each guest.LinksTheory of Enchantment website: https://theoryofenchantment.comMorgan's website: https://www.morganhamel.com/The Governance Certificate in Depolarization run by Morgan: https://www.cpaalberta.ca/Professional-Development/Executive-Programs/Governance-Certificate-in-De-PolarizationJordan Peterson's interview with Chloé: https://youtu.be/3rZkv_prTOk?si=MyPXub1_0AMM-4S0John McWhorter's book, Woke Racism: https://www.penguinrandomhouse.com/books/696856/woke-racism-by-john-mcwhorter/Bud Light Diversity Controversy: https://en.wikipedia.org/wiki/Bud_Light_boycott

Ashley Rose, CEO of Living Security, a company specializing in human risk management. Under her leadership, Living Security has transformed cybersecurity awareness beyond traditional training and phishing campaigns to actively measuring and monitoring human behavior, identifying real risk, to protect organizations from incidents and policy violations in real time. Ashley is also featured on our list of Cybersecurity Pundits. In this episode, she joins host Heather Engel to discuss the cyberattack on crypto company Unicoin and the value of human risk management. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Susan Koski is the Chief Information Security Officer (CISO) at PNC. In this episode, he joins Oz Alashe, founder and CEO at CybSafe, and host Scott Schober to discuss human risk management and the importance of security awareness training. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com

Steve Morgan, Editor-in-Chief at Cybercrime Magazine, Oz Alashe, founder and CEO at CybSafe, and Keith Stewart, a Stealth Cybersecurity Startup CEO, gathered online in the summer of 2024 for this enlightening discussion. Produced by Cybersecurity Ventures: https://cybersecurityventures.com. Brought to you by Evolution Equity Partners: https://evolutionequity.com

Lev Lesokhin is the EVP of Technology & Analytics at OutThink, a Cybersecurity Human Risk Management Platform empowering CISOs by targeting the source of 90% of all data breaches: human behavior. In this episode, he joins host Charlie Osborne to discuss OutThink's annual CRHM Report, including how the data was assembled, some of the main takeaways, and more. Read the full report at https://outthink.io/category/research-labs. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Oritse J. Uku is the Business Information Security Officer (BISO) and IT Governance Risk and Compliance at Northwestern Mutual. In this episode, he joins Oz Alashe, founder and CEO at CybSafe, and host Heather Engel to discuss security awareness training and human risk management, particularly phishing simulation and what it can do for organizations. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com

What might the future of society look like & how can we get there? On this episode, I'm speaking to a best-selling author who has written an extraordinary book about her vision for the future. Unusually, the book is a work of fiction for the show, but the issues it addresses are very relevant to Human Risk. My guest is Manda Scott, who began her career as a veterinary surgeon and is now an award-winning writer and podcaster. Her new book, Any Human Power, has the subtext Dream deeply. Rise up strong. Change is coming and is centred around a protagonist named Lan, a woman on her deathbed who makes a promise to her grandson, Finn. Realising he is struggling with the idea of living in a world without her, she vows to be there for him even after her death. As she passes away, she steps into a shamanic realm known as the void, where she learns to navigate and influence the timelines of the future. Lan's journey is marked by her attempts to keep her promise to Finn, acting from beyond the grave to guide and protect him. The narrative explores the complex interplay between life and death, human connection, and the power of shamanic practices. Lan discovers that she can impact the physical world through the digital realm, using online gaming to connect with Finn and help him in his moments of need. During our discussion; we explore Manda's career, what drives her writing and the topics she explores in Any Human Power. Links to relevant topics Manda's author's website: https://mandascott.co.uk/Her podcast ‘Accidental Gods': https://accidentalgods.life/Bayo Akomolafe - The Time's Are Urgent — Let's Slow Down:https://www.bayoakomolafe.net/post/the-times-are-urgent-lets-slow-downFrancis Weller on the Trauma Culture vs Initiation Culture: https://medium.com/best-of-kosmos-journal/deschooling-dialogues-on-initiation-trauma-and-ritual-with-francis-weller-3f360fe26563 The evolution of Audrey Tang https://www.theguardian.com/world/2020/sep/27/taiwan-civic-hackers-polis-consensus-social-media-platform How Audrey's Tang crowdsourced government  https://www.globalgovernmentforum.com/the-wisdom-of-crowds-an-interview-with-taiwans-unorthodox-digital-minister/ Wealth Supremacy by Marjorie Kelly https://uk.bookshop.org/p/books/wealth-supremacy-how-the-extractive-economy-and-the-biased-rules-of-capitalism-drive-today-s-crises-marjorie-kelly/7452410?ean=9781523004775 The ‘Bankless' podcast with Eliezer Yudkowsky  http://podcast.banklesshq.com/159-were-all-gonna-die-with-eliezer-yudkowsky Riversimple Future Guardian Governance model  https://www.riversimple.com/governance/ Timestamp Highlights (AI generated) [00:00:00] - IntroductionChristian Hunt introduces Manda Scott and her background.[00:01:00] - Manda's JourneyManda talks about her background in Scotland, starting as a veterinary surgeon, and transitioning to a novelist and podcaster.She highlights her work in intensive care for neonatal horses and her academic journey.[00:02:00] - Transition to Writing and PodcastingManda discusses her decision to leave academia and pursue writing.She explains the impact of her master's in regenerative economics on her career shift.[00:03:00] - Regenerative Economics and Shamanic DreamingManda explains how her studies and shamanic dreaming influence her work and perspectives.Introduction to the concept of "Accidental Gods" podcast and its goals.[00:04:00] - The Need for Systemic ChangeDiscussion on the necessity for total systemic change and evolving human consciousness.Manda emphasizes changing our value set to create a thriving world.[00:06:00] - Shamanic Practice and Creative ProcessManda elaborates on shamanic dreaming and its role in her creative process.She shares how visions and instructions guide her writing.[00:14:00] - Writing Inspiration and ProcessManda describes the inspiration behind her latest book and her unique writing process.She explains the metaphor of splitting timelines and the challenges of writing about the future.[00:19:00] - Online Gaming and Human ConnectionDiscussion on the role of online gaming in building human connections.Manda shares personal experiences and the positive aspects of gaming communities.[00:26:00] - Technology as a Tool for ChangeManda highlights Audrey Tang's work in Taiwan and the potential of technology for positive societal change.The importance of using technology to build bridges and foster consensus.[00:34:00] - Capitalism and Value SystemsDiscussion on the destructive nature of capitalism and the need for new value systems.Manda explains the concept of "Wealth Supremacy" and systemic change.[00:41:00] - Writing Through TopiaManda talks about the difficulty of writing a realistic path to a better future.The importance of creating stories that resonate with people's current experiences and aspirations.[00:49:00] - Human Connection and CreativityManda discusses the power of human connection and creativity in building a sustainable future.Emphasis on embracing technology while evolving beyond Palaeolithic emotions and medieval institutions.[00:53:00] - Call to ActionManda's call to action for systemic change and building a future for future generations.Importance of storytelling and creative imagination in driving change.[00:59:00] - Closing ThoughtsChristian and Manda discuss the impact of her book and provide practical information for listeners.Final remarks on the importance of community, technology, and systemic change.

Adam Keown is the CISO at Eastman. In this episode, he joins Oz Alashe, founder and CEO at CybSafe, and host Scott Schober to discuss their shared background in law enforcement and how that helped prepare for a future career in cybersecurity, as well as the difference between security awareness training and human risk management, the future of the industry, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com

Oz Alashe, founder and CEO at CybSafe, a security awareness training company based in London, joins host Steve Morgan for a discussion about the CybSafe platform and how it works to manage human risk in cybersecurity, as well as sharing his background, how the company got started, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com

What goes into human decision-making? If you listened to the previous episode of the show with Dr Melina Moleskis on decision-making, then you'll know what's coming next.   If you didn't, then don't worry; you can listen to that after this.My guest on this episode is Ben Cattaneo, a friend of the show and the founder of The Decision-Making Studio, a startup that helps clients to make better decisions. In our discussion, we pick up some of the themes I discussed with Melina and explore others. Since Ben's background is in risk — he hosts the All Things Risk podcast — we explore how, in an uncertain world, making good decisions is critical. On the episode, you'll hear about: Ben's experiences of founding The Decision Making Studio;the importance of integrating human elements into decision-making processes;the FOCUS framework for improving decision quality;the need to blend art and science in making decisions;the flaws in classic MBA case studies for teaching decision-making and the benefits of looking at less-known examples for deeper insights;the need to shift towards embracing uncertainty as a natural part of decision-making;the complexity and importance of decision-making in both personal and organizational contexts.and much more.Resources Part One of this series with Dr Melina Moleskis on Decision-Making: https://www.humanriskpodcast.com/dr-melina-moleskis-on-decision-making-part-one/ Blockbuster Netflix story: https://finshots.in/archive/the-incredible-netflix-story-you-didnt-know/ Comedian Des Bishop on Mindfulness: https://www.youtube.com/watch?v=yU_wLC0NlgU James Clear on Tattoos, Haircuts & Hats: https://jamesclear.com/3-2-1/february-1-2024 You can find Ben via his Decision Making Studio website: https://thedecisionmaking.studio/ Ben's All Things Risk podcast is available on all platforms and here:  https://www.allthingsrisk.co.uk/ The episode of his show featuring Paula Reid who cycled across Ukraine: https://www.allthingsrisk.co.uk/2024/04/02/ep-215-paula-reid-on-cycling-across-ukraine/ The Decision-Making Studio https://thedecisionmaking.studio/ Ben's Decision Reaction Videos are available via his account on LinkedIn:  https://www.linkedin.com/in/ben-cattaneo/ The specific episodes he refers to on the show: Mark Gilmour's race in Morocco: https://www.linkedin.com/posts/ben-cattaneo_decisionmaking-decisionreactions-activity-7183537246388518912-jBQR?utm_source=share&utm_medium=member_desktop The movie ‘Gung Ho': https://www.linkedin.com/posts/ben-cattaneo_decisionmaking-activity-7155084173228077056-iX2H?utm_source=share&utm_medium=member_desktop Relevant episodes of the Human Risk podcast: Ben on ‘All Things Risk': https://www.humanriskpodcast.com/all-things-human-risk-crosscast/Alison Taylor on 'Doing The Right Thing': https://www.humanriskpodcast.com/alison-taylor-on-doing-the-right-thing/Professor Bent Flyvbjerg on 'How Big Things Get Done': https://www.humanriskpodcast.com/professor-bent-flyvbjerg-on-how-big-things-get-done/

Welcome to the Social-Engineer Podcast: The SE Etc. Series. This series will be hosted by Chris Hadnagy, CEO of Social-Engineer LLC, and The Innocent Lives Foundation, as well as Social-Engineer.Org and The Institute for Social Engineering. Chris will be joined by his co-host Patrick Laverty as they discuss topics pertaining to the world of Social Engineering.   Today Chris and Patrick are once again joined by Shelby Dacko. Shelby is a Human Risk Analyst with Social‐Engineer, LLC. Her specialties include vishing, OSINT work, educational material production, and public speaking. Notably, she has made over 20,000 vishing calls in her career. She holds a Certified Ethical Social Engineer (CESE) certification and has spoken for Fortune 500 companies.   Coming from a background that includes teaching English, and interpreting American Sign Language, Shelby has always had an interest in communication. That interest led her to the Foundational Application of Social Engineering (FASE) class, which she now co-teaches with Christopher Hadnagy.   On her days off, Shelby enjoys volunteering for the Innocent Lives Foundation and painting. [Jan 22, 2024]   00:00 - Intro 00:19 - Patrick Laverty Intro 00:49 - Intro Links -          Social-Engineer.com - http://www.social-engineer.com/ -          Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ -          Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ -          Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ -          Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb -          CLUTCH - http://www.pro-rock.com/ -          innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/                                       04:23 - Today's Topic: Telling Stories with Shelby (Part 2) 05:18 - Previously on SE, ETC. 06:43 - Night & Day 07:59 - Finding Our "In" 09:03 - You're Gonna Like the Way You Look 10:54 - We Don't Need No Stinking Badges 12:01 - Attack of the Clones 14:06 - Good Ole' Barb 18:25 - Leisurely Stroll 20:27 - Mission Accomplished! 24:31 - Left to Our Own Devices 29:45 - Being Flexible 31:07 - You Still Need to Plan 33:46 - Debrief BBQ 35:38 - Reposition Ring 40:17 - Wrap Up & Goodbye 42:10 - Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org   Find us online -          Chris Hadnagy -          Twitter: @humanhacker -          LinkedIn: linkedin.com/in/christopherhadnagy -          Patrick Laverty -          Twitter: @plaverty9 -          LinkedIn: linkedin.com/in/plaverty9 -          Shelby Dacko -          Twitter: @scarylilhuman -          LinkedIn: ­­­linkedin.com/in/shelbydacko

About the CISO Circuit SeriesSean Martin and Michael Piacente will join forces roughly once per month to discuss everything from looking for a new job, entering the field, finding the right work/life balance, examining the risks and rewards in the role, building and supporting your team, the value of the community, relevant newsworthy items, and so much more. Join us to help us understand the role of the CISO so that we can collectively find a path to Redefining CyberSecurity. If you have a topic idea or a comment on an episode, feel free to contact Sean Martin.____________________________Guests: Michael Piacente, Managing Partner and Cofounder of Hitch PartnersOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/michael-piacenteOmar Khawaja, VP Security, Field CISO at Databricks [@databricks]On LinkedIn | https://www.linkedin.com/in/smallersecurity/On Twitter | https://twitter.com/smallersecurity____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this special CISO Circuit Series edition of the Redefining CyberSecurity podcast episode, Sean Martin and Michael Piacente engage in a thought-provoking conversation with Omar Khawaja, VP of Security and Field CISO at Databricks. Driven by a conversation with 75 of his CISO peers, Omar brings his unique perspective to the table, discussing the evolving role of a CISO and the importance of aligning security efforts with business needs.Drawing on his experiences transitioning from a CISO at a large healthcare organization to a Field CISO, Omar shares insights on how he assists other CISOs, particularly in managing their data and implementing AI. He emphasizes the necessity of effective communication, audience awareness, and collaboration. Using the metaphor of a plane journey, Omar illustrates the importance of delivering a clear, simplified view of security efforts to stakeholders.A significant part of the conversation revolves around the importance of building strong relationships with other executives and being open about vulnerabilities. Omar stresses the value of maintaining a relentless curiosity and refraining from judgment to foster better relationships and collaboration. He also shares some practical techniques for CISOs, encouraging them to continuously work on the craft of asking the right questions and demonstrating curiosity.This episode serves as a valuable resource for anyone interested in the ever-changing role of the CISO and the critical task of aligning security efforts with business needs. With its blend of practical advice, insightful metaphors, and real-world experiences, it's a must-listen for those looking to understand the complexities and challenges in the world of cybersecurity.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

In this episode, we interview Jake Wilson, Western Governor University's Security Awareness Evangelist. We'll learn about how he built up and matured WGU's security awareness program, eliminating blind spots, and improving efficacy through data analysis and better reporting. This segment is sponsored by Living Security. Visit https://securityweekly.com/livingsecurity to learn more about them! This week in the leadership and communications section: building a feedback-driven culture, letting go of the reins, 25 hard-hitting lessons from 17 years in cybersecurity, and more! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-321

Listen in as Perry Carpenter & Dr. Jessica Barker present their joint session, "Conversational Security Awareness" at the SANS Managing Human Risk Summit. ... and stay tuned after the presentation for a quick conversation between Perry, Jessica, and Lance Spitzner (SANS) as they discuss themes from this year's event. Guests: Dr. Jessica Barker (LinkedIn) (Twitter) Jeremy Treadwell (LinkedIn) (Twitter) Lance Spitzner (LinkedIn) (Twitter) Additional Resources: Jessica Barker's great blog post summarizing this session Jessica Barker's 2020 RSA Keynote Related 8Li Episodes: 8Li S1 E9: Security ABCs Part 1: Make Awareness Transformational 8Li S1 E10: Security ABCs Part 2: 8th Layer Insights and the Quest for Security Culture 8Li S2 E10: The Next Evolution of Security Awareness 8Li S4 E3: Carrots, Sticks, and Culture: The Art and Science of Social Signaling 8Li S4 E5: We are the Champions 8Li S4 E6: Blending Awareness, Social Engineering, and Physical Penetration Testing -- A Conversation with Jayson E. Street Relevant Books (Amazon Associate Links) Confident Cyber Security: How to Get Started in Cyber Security and Futureproof Your Career, by Jessica Barker Cybersecurity ABCs: Delivering awareness, behaviours and culture change by Jessica Barker, Adrian Davis, Bruce Hallas, & Ciarán Mc Mahon Mixed Signals: How Incentives Really Work, by Uri Gneezy Security Awareness Program Builder: Practical guidelines for building your Information Security Awareness Program & prep guide for the Security Awareness and Culture Professional (SACP)™ by Mark Majewski Perry's Books (Amazon Associate Links) Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer by Perry Carpenter & Kai Roer Production Credits: Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks. Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com. 8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/ Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: hello [at] 8thLayerInsights [dot] com

Do you want people to be more likely to follow whatever rules, policies, or procedures you create? It's time to make them more human. Understanding and empathizing with the perspectives of others plays a crucial role in effective rule adherence. Comprehending the dynamics of rules can lead to beneficial outcomes in various aspects of life, from lessening conflicts to fostering compliance within organizational settings. Those who understand and communicate the reasons behind their rules are more likely to gain cooperation from those affected. It also helps reduce misunderstanding and resistance, promoting a smoother and more efficient implementation of rules or policies. Guest Christian Hunt, during his conversation with Melina Palmer, explained his thoughts on this matter, drawing on his experience as the founder of Human Risk, host of the Human Risk podcast and author of Humanizing Rules. Hunt believes that, to instill rule adherence, it is important to understand the perspectives of individuals subjected to those rules. He also iterated the need for effective communication, emphasizing that rules are more likely to be accepted and adhered to when individuals understand the rationale behind them. Christian introduces his HUMANS framework during the conversation, and shares interesting, real-world examples from transportation, Netflix, and more. In this episode: Understand the relevance of emotional intelligence and empathy in compliance with rules. Acquire knowledge about the role of clear communication in improving rule compliance. Analyze the issues linked with changing speed limits and the crucial role of enlightenment. Appreciate the need to present regulatory efforts as advantageous and pertinent to the workforce. Learn Christian's HUMANS framework and how to start using it in your business. Show Notes: 00:00:00 - Introduction, Melina Palmer introduces Christian Hunt, the founder of Human Risk, a company that specializes in using behavioral science to manage the risks of human decision-making. Christian shares his background in financial services and regulation, which led him to focus on the human side of compliance and ethics. 00:02:20 - Unique Perspective from Regulation to Compliance, Christian discusses his unique experience of transitioning from a regulator to a compliance professional, allowing him to see both sides of the problem when he had to enforce his own rules (and realized they didn't align properly). He emphasizes the importance of understanding the reasons behind rules and regulations in order to effectively manage them. 00:05:57 - Applying Behavioral Science to Ethics and Compliance, Christian explains how his experience in risk and compliance led him to realize the relevance of behavioral science in influencing human decision-making. He shares his mission to help organizations use behavioral science to get the best out of their people while mitigating risks. 00:08:03 - Navigating "Weird" Rules, Christian provides advice for individuals who find themselves dealing with rules that seem strange or unnecessary. He suggests understanding the reasons behind the rules and considering whether they serve a genuine purpose. Having a dialogue and presenting alternative perspectives can be helpful in managing such rules. 00:11:41 - Balancing Compliance with Dialogue, Christian acknowledges that in tightly regulated industries, dialogue may not always be possible. However, for those who can engage in discussions, he emphasizes the importance of approaching the conversation with empathy and understanding of the other party's perspective. 00:12:37 - Understanding the Fundamental Attribution Error, Christian Hunt discusses the difficulty of putting oneself in someone else's shoes and the tendency to blame others instead of seeking to understand their rationale. He emphasizes the importance of pausing and considering where others may be coming from in order to find better solutions. 00:13:30 - The Importance of Questioning What is Normal, Christian highlights the concept of "normal" and how rules and expectations are often based on extreme, non-common examples. He shares a story about his train journey and the importance of understanding the rationale behind rules. He initially dismissed the need for bag labels, but a staff member explained that they were necessary in case of train evacuation. This experience taught him the importance of not making presumptions and considering the reasoning behind rules. 00:18:25 - Learning from Mistakes and the Dunning-Kruger Effect, Christian discusses the Dunning-Kruger effect and admits to falling victim to it himself. He shares a story about a rule regarding variable speed limits on roads, where drivers often question the need to slow down. He emphasizes the importance of recognizing that rules are often in place for valid reasons, even if they may not be immediately apparent. 00:24:53 - The Frustration with Rules, Christian discusses how rules can be frustrating when they are imposed due to the actions of others. He highlights the need for clear communication and understanding between authorities and the people being controlled. 00:25:49 - Societal Reasons for Rules, Christian acknowledges that some rules are put in place for the greater good, such as slowing down traffic for the safety of elderly drivers. He emphasizes the importance of considering the rationale behind rules and whether they apply to specific subsets of the population. 00:26:39 - The Challenge of Communicating Rules, Christian recognizes the challenge that authorities face in communicating the reasons behind certain rules. He believes that authorities should be more transparent and ethical in their communication, especially in democratic societies. 00:28:00 - The Employment Contract Fallacy, Christian discusses the fallacy of relying solely on the employment contract as a reason for imposing rules. He argues that just because authorities have the power to enforce rules doesn't mean they should, and they should consider the perspective of those being controlled. 00:31:02 - Differentiating Between Rules, Christian explains the importance of distinguishing between rules that are irrecoverable (serious violations) and rules that are recoverable (less serious violations). He uses Netflix's approach of focusing efforts on irrecoverable actions as an example of effective rule implementation. 00:37:23 - Understanding Requirements and Imposing Tasks, The importance of understanding requirements and tasks from both the perspective of the person giving the task and the person receiving it. It is crucial to ensure that the person giving the task understands what they are asking for and the potential challenges involved. Imposing tasks without understanding can lead to frustration and inefficiency. 00:38:09 - Recognizing Risk and Impact on Employees, It is essential to recognize the potential risks and impact of imposing tasks on employees. If a task is likely to be unhelpful and difficult for the employee to understand, it poses a higher risk. Employers should consider whether the benefits outweigh the potential negative impact on employee relationships and trust. 00:39:30 - Using Behavioral Science as a Design Tool, Behavioral science can be used as a design or diagnostic tool to improve task implementation. If reality cannot be changed, the perception of a task can be altered through framing or breaking it down into smaller, more manageable tasks. Understanding the impact and finding ways to make tasks more user-friendly is crucial. 00:40:43 - The Pitfalls of Compliance Training, Compliance training exercises often fall short in effectively teaching and assessing employee understanding. Testing employees on obscure information that is unlikely to be relevant to their job can lead to frustration and a sense of wasted time. Employers should reconsider the purpose and effectiveness of compliance training exercises. 00:49:38 - Introduction to Incentives, Companies often use incentives, such as prize drawings, to encourage customers to fill out surveys. The same principle applies to employees in the workplace. Incentives can increase compliance and the quality of work. 00:50:22 - Importance of Incentives, Incentives are crucial for tasks that require a high standard of work. If people don't see the value in doing something, they are less likely to do it. Consider what's in it for them as an individual and find ways to make tasks feel worth doing. 00:51:11 - Feasibility of Compliance, Consider whether it is feasible for individuals to comply with a rule or task. If something is too difficult or requires significant effort, compliance is less likely. Make tasks easier to increase compliance. 00:52:02 - Acceptability of Rules, Just because a rule can be imposed doesn't mean it will be accepted. Consider whether employees find a rule acceptable based on their specific circumstances and employment. Overreach can lead to resistance. 00:53:44 - Social Proof and Normalcy, The perception of what is normal and acceptable plays a role in compliance. Consider social proof and whether other people in similar circumstances are being asked to do the same thing. Make rules salient and relevant to increase compliance. 00:56:04 - Conclusion, Melina's top insights from the conversation. What stuck with you while listening to the episode? What are you going to try? Come share it with Melina on social media -- you'll find her as @thebrainybiz everywhere and as Melina Palmer on LinkedIn. Thanks for listening. Don't forget to subscribe on Apple Podcasts or Android. If you like what you heard, please leave a review on iTunes and share what you liked about the show.  I hope you love everything recommended via The Brainy Business! Everything was independently reviewed and selected by me, Melina Palmer. So you know, as an Amazon Associate I earn from qualifying purchases. That means if you decide to shop from the links on this page (via Amazon or others), The Brainy Business may collect a share of sales or other compensation. Let's connect: Melina@TheBrainyBusiness.com The Brainy Business® on Facebook The Brainy Business on Twitter The Brainy Business on Instagram The Brainy Business on LinkedIn Melina on LinkedIn The Brainy Business on Youtube Learn and Support The Brainy Business: Check out and get your copies of Melina's Books.  Get the Books Mentioned on (or related to) this Episode: Humanizing Rules, by Christian Hunt Both/And Thinking, by Wendy Smith and Marianne Lewis Friction, by Roger Dooley Mixed Signals, by Uri Gneezy What Your Employees Need and Can't Tell You, by Melina Palmer Connect with Christian:  Christian on Twitter Follow Christian on LinkedIn Human Risk Podcast Top Recommended Next Episode: What Problem Are You Solving? (ep 126) Already Heard That One? Try These:  Dunning-Kruger Effect (ep 266) Adam Hansen and the Curse of Knowledge (ep 176) Inequity Aversion (ep 224) Behavioral Science in the Wild, with Dilip Soman (ep 241) Framing (ep 296) Confirmation Bias (ep 260) Design for Decision, with Sam Evans (ep 291) Influence, with Robert Cialdini (ep 157) Mixed Signals, with Uri Gneezy (ep 273) Good Habits, Bad Habits with Wendy Wood (ep 127) Overwhelm and Decision Making (ep 32) Reciprocity (ep 238) Social Proof (ep 87) Friction, with Roger Dooley (ep 274) Other Important Links:  Brainy Bites - Melina's LinkedIn Newsletter Melina as a guest on the Human Risk podcast