Human-Centered Security

Cybersecurity can be an intimidating field to people outside the industry. As Ryan Cloutier explains, when security professionals find themselves starting off conversations with users with "you're doing it wrong," they are already starting off at a disadvantage. In fact, this kind of dynamic only serves to further ostracize end users.

Show Notes

In this episode, we talk about:
  • How security experts can more effectively communicate with end users.
  • The issue of delayed consequences in the digital realm and how that impacts how people behave.
  • The role accountability plays in improving information security.

Ryan Cloutier is the principal security consultant for SecurityStudio. He is an experienced IT/cybersecurity professional with over 15 years experience developing cybersecurity programs for Fortune 500 organizations. Ryan is a virtual Chief Information Security Officer for K12 districts across the country and is Certified Information Systems Security Professional (CISSP) and is proficient in cloud security, dev-ops, and sec-ops methodologies, security policy, process, audit, compliance, network security, and application security architecture. Ryan also co-hosts a weekly security podcast and is included on the top 100 most influential people in cybersecurity.


You can also find Ryan:
  • On Twitter @cloutiersec
  • On The Security Shitshow
  • During the episode, Ryan mentions S2me (by SecurityStudio), a free security risk assessment resource

What is Human-Centered Security?

Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.