Organizations have been urged to place a greater focus on ensuring that the cyber security training they deliver is translated into actual behavior change among staff.
Leading cyber security experts and a career criminal addressed delegates at Dell Technologies World 2023, saying that raising cyber awareness across the business is not enough to enact useful change.
Oz Alashe MBE and CEO at risk management firm Cybsafe, veteran security journalist Kim Zetter, and famous former con artist Frank Abagnale all agreed that individual behavior can make or break an organization’s cyber posture.
Zetter used Mandiant’s Henna Parviz, a security analyst who spotted the first indicators of the Solarwinds attack.
It was Parviz who in November 2020 noticed a Samsung phone had been registered to an employee without a phone number, and that it had been used to log into the employee’s virtual private network (VPN) from a different state to where the employee was based.
What she had discovered was the first concrete clue of the Solarwinds breach, led by a standard security alert that Zetter stated a less-fresh, “more jaded” analyst may have disregarded entirely.
Alashe said that the main…
