Dr Karen Renaud & Dr Marc Dupuis: The Fear Factor - Human Layer Security

A Successful Security Strategy Is All About Relationships. Here’s How to Build Them.

Security efforts are not limited to security teams. High impact strategies need to engage everyone from employees to the board of execs, DevOps teams and IT. Learn how how to become not just an effective partner but a trusted advisor across an organization.

https://www.humanlayersecurity.com/blog/relationship-framework-for-security-leaders/

Your Legacy Phishing Solution Isn’t Enough to Protect Your Organization

CISO Josh Yavor explains why legacy phishing solutions aren't effective in preventing successful attacks, and what you can do about it.

https://www.humanlayersecurity.com/blog/human-layer-security-vs-legacy-solutions/

9 Things I’ve Learned Writing Phishing Emails

Ethical hacker, Craig Hays, explains why copywriting, timing, and context are all essential "ingredients" in crafting a phishing attack.

https://www.humanlayersecurity.com/blog/9-things-i-learned-writing-phishing-emails/

Employee Burnout Will Probably Cause Your Next Data Breach

Understanding how stress impacts cybersecurity behaviors could significantly reduce the chances of people’s mistakes compromising company’s security.

https://www.humanlayersecurity.com/blog/employee-burnout-causes-breaches/

Stateful Machine Learning is Our Best (And Only) Bet

Traditional machine learning methods that are used to detect threats at the machine layer aren’t equipped to account for the complexities of human relationships and behaviors across businesses over time. There is no concept of “state” — the additional variable that makes human-layer security problems so complex.

https://www.humanlayersecurity.com/blog/stateful-machine-learning/

How Easy Is It to Phish?

You don't have to be tech savvy to become a "hacker". This blog outlines how to create a phishing campaign, and was designed to help security leaders protect their organizations.

https://www.humanlayersecurity.com/blog/how-to-create-a-phishing-campaign/

Read More

Explore Human Layer Security.

Learn About Our Mission

Explore Me

Read More

Season 1, Episode 4

January 18th, 2021

The cybersecurity industry has relied on the concept of fear, uncertainty and doubt for years. It even has its own acronym – FUD. But is fear really the way to encourage people to make smarter cybersecurity decisions? Or does scaremongering actually has an adverse effect?

Tim Sadler speaks to Dr Karen Renaud, Professor at Abertay University and Dr Marc Dupuis, Assistant Professor at the University of Washington Bothell to find out. Specializing in the human factors of cybersecurity, these academics have researched the effectiveness of fear appeals in cybersecurity and they fully believe that the industry needs to flip the script when it comes to training people to do the right thing. They recently shared their findings in the Wall Street Journal – a brilliant article titled Why Companies Should Stop Scaring Employees About Security and, in this episode, they shed more light on the topic.

Read Dr Karen Renaud & Dr Marc Dupuis' Full Writeup