Security Awareness Training Refresh presented at BSidesLasVegas 2018

by Lauren Clausen,

Summary : What’s the first thing that comes to mind when you think of security awareness training? If it exists at all, it’s typically a painfully dry and boring user experience, and provides little to no context to employees. Instead of producing an interactive and educational experience for users, many organizations miss the mark, inevitably turning an incredibly valuable and critically important training into another checkbox on a questionnaire.Organizations should view security awareness training as an opportunity to disseminate relevant and timely information to the users who ultimately determine their level of risk. During this talk, Lauren Clausen, Security Governance Analyst at Rapid7, will discuss the current state of security awareness trainings, the ways in which organizations can create engaging content that conveys this important information, as well as the win, losses, and lessons learned from Rapid7’s own security awareness training refresh.