Security That Accounts for Human Fallibility

All links and images for this episode can be found on CISO Series.

We expect our users to be perfect security responders even when the adversaries are doing everything in their power to trick them. These scams are designed to make humans respond to them. Why aren't we building our security programs to account for this exact behavior that is simply not going to go away?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Our guest is Ken Athanasiou, CISO, VF Corporation.

Thanks to our podcast sponsor, Code42

In this episode: 

• Why do we expect our users to be perfect security responders even when the adversaries are doing everything in their power to trick them?
• Aren’t these scams designed to make humans respond to them?
• Why aren't we building our security programs to account for this exact behavior that is simply not going to go away?
• Why do so many security practitioners treat our users as children to be managed instead of adults to be educated and assigned a level of accountability?