Human-Centered Security

Brian Murphy, a security specialist at GreyCastle Security, talks about how we can help employees understand information security by using stories and analogies people already understand and connect with. This connection is the first step in encouraging the behavior change that fosters an organizational culture that then leads to better information security.

Show Notes

Brian Murphy, a security specialist at GreyCastle Security, is a technology, information security, and risk management professional. He assists with the development and implementation of cybersecurity solutions for a variety of industries. Brian has knowledge of PCI, SOX, GLBA compliance requirements, as well as ISO and NIST standards and regulations.

On this episode we talk about:
  • How we are constantly doing risk assessments in our everyday life. At least, we should be.
  • How using analogies and stories help people connect with something new, like cybersecurity.
  • Shifting the mindset to ensure the cybersecurity team's goals tie back to the business’ goals.
  • The importance of culture and providing an environment where employees and the cybersecurity team are constantly learning.

What is Human-Centered Security?

Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.