This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
תוכן מסופק על ידי Security Voices. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Security Voices או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
דומה לSecurity Voices
Daily update on current cyber security threats
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast about web design and development.
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
Fixing Security's Human Problem: Behavioral Engineering at Robinhood
Manage episode 345237134 series 2495524
תוכן מסופק על ידי Security Voices. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Security Voices או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
In cybersecurity, we have teams focused on managing vulnerabilities. We have SOCs who spend their days obsessing over threats. App sec teams. Data privacy teams. In the typical, modern cybersecurity team, we have exactly zero people focused on helping humans defend themselves and the organization in spite of a massive increase in scams and fraud that are squarely aimed at tricking people into making bad decisions. Are we really more at risk from a new foreign adversary or CVSS 9 vulnerability than we are from an executive or someone in Finance being deceived by a scammer?
Enter Behavioral Engineering. A new-ish discipline introduced by forward leaning cybersecurity teams that recognizes the pivotal role that humans and key behaviors play as part of our overall security posture. What do we mean by key behaviors? How we share sensitive information. What we do when we authenticate. How we react when we see something suspicious. And so on.
In this episode of Security Voices, Jack and Dave interview the Behavioral Engineering (BE) team of Robinhood, Masha Arbisman and Margaret Cunningham, as well the CISO, industry veteran Caleb Sima. In this roughly 60 minute session we establish a clear definition for BE, explain how it works in the real world and how it contrasts with commonplace practices such as “name and shame” benchmarking of vulnerability remediation progress. We’ll also clarify why security awareness training often sucks and how BE addresses historical security program deficiencies.
Before wrapping up with practical advice of how and why to get started with your own BE program, we learn why you should never say that humans are the weakest link. And why you probably should actually click on things. Lots of things. And just tell someone about it afterwards it went funky.
…
continue reading
Enter Behavioral Engineering. A new-ish discipline introduced by forward leaning cybersecurity teams that recognizes the pivotal role that humans and key behaviors play as part of our overall security posture. What do we mean by key behaviors? How we share sensitive information. What we do when we authenticate. How we react when we see something suspicious. And so on.
In this episode of Security Voices, Jack and Dave interview the Behavioral Engineering (BE) team of Robinhood, Masha Arbisman and Margaret Cunningham, as well the CISO, industry veteran Caleb Sima. In this roughly 60 minute session we establish a clear definition for BE, explain how it works in the real world and how it contrasts with commonplace practices such as “name and shame” benchmarking of vulnerability remediation progress. We’ll also clarify why security awareness training often sucks and how BE addresses historical security program deficiencies.
Before wrapping up with practical advice of how and why to get started with your own BE program, we learn why you should never say that humans are the weakest link. And why you probably should actually click on things. Lots of things. And just tell someone about it afterwards it went funky.
66 פרקים
שתפו
Manage episode 345237134 series 2495524
תוכן מסופק על ידי Security Voices. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Security Voices או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
In cybersecurity, we have teams focused on managing vulnerabilities. We have SOCs who spend their days obsessing over threats. App sec teams. Data privacy teams. In the typical, modern cybersecurity team, we have exactly zero people focused on helping humans defend themselves and the organization in spite of a massive increase in scams and fraud that are squarely aimed at tricking people into making bad decisions. Are we really more at risk from a new foreign adversary or CVSS 9 vulnerability than we are from an executive or someone in Finance being deceived by a scammer?
Enter Behavioral Engineering. A new-ish discipline introduced by forward leaning cybersecurity teams that recognizes the pivotal role that humans and key behaviors play as part of our overall security posture. What do we mean by key behaviors? How we share sensitive information. What we do when we authenticate. How we react when we see something suspicious. And so on.
In this episode of Security Voices, Jack and Dave interview the Behavioral Engineering (BE) team of Robinhood, Masha Arbisman and Margaret Cunningham, as well the CISO, industry veteran Caleb Sima. In this roughly 60 minute session we establish a clear definition for BE, explain how it works in the real world and how it contrasts with commonplace practices such as “name and shame” benchmarking of vulnerability remediation progress. We’ll also clarify why security awareness training often sucks and how BE addresses historical security program deficiencies.
Before wrapping up with practical advice of how and why to get started with your own BE program, we learn why you should never say that humans are the weakest link. And why you probably should actually click on things. Lots of things. And just tell someone about it afterwards it went funky.
…
continue reading
Enter Behavioral Engineering. A new-ish discipline introduced by forward leaning cybersecurity teams that recognizes the pivotal role that humans and key behaviors play as part of our overall security posture. What do we mean by key behaviors? How we share sensitive information. What we do when we authenticate. How we react when we see something suspicious. And so on.
In this episode of Security Voices, Jack and Dave interview the Behavioral Engineering (BE) team of Robinhood, Masha Arbisman and Margaret Cunningham, as well the CISO, industry veteran Caleb Sima. In this roughly 60 minute session we establish a clear definition for BE, explain how it works in the real world and how it contrasts with commonplace practices such as “name and shame” benchmarking of vulnerability remediation progress. We’ll also clarify why security awareness training often sucks and how BE addresses historical security program deficiencies.
Before wrapping up with practical advice of how and why to get started with your own BE program, we learn why you should never say that humans are the weakest link. And why you probably should actually click on things. Lots of things. And just tell someone about it afterwards it went funky.
66 פרקים
כל הפרקים
×
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.
דומה לSecurity Voices
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Daily update on current cyber security threats
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast about web design and development.
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
