A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Pavlovian Security: How To Change the Way Your Users Respond When the Bell Rings - Ben Ten Magen Wu Derbycon 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Pavlovian Security: How To Change the Way Your Users Respond When the Bell Rings
Ben Ten Magen Wu
Derbycon 2015

We all have a condition response to certain stimuli. This could be internal or external. As we have been exposed to these stimuli, which at first were neutral, they have caused a Pavlovian conditioned response; like checking your phone, email, etc when it beeps or vibrates. Often times these neutral stimuli become active to produce a trigger-habit-reward feedback loop which modifies behavior. In this talk, we will present how to use this feedback loop to modify the behavior of your users in regards to Security. We will highlight what works and what does not work when attempting to get your users to adopt your Security policies and procedures. We will show you how you can use these methods in the trigger-habit-reward feedback loop to encourage the users to change their security habits; not only in their personal life but in your organization as well. When your users everyday behavior is modified, it makes it easier for their behavior to be modified in your organization. So join us to learn when the bell rings, or the warning box appears, how you can modify your users behavior so they respond securely.

Tottenkoph: I am a security consultant for Rapid7 and have been working in IT/Infosec for the past 10 years. During that time, I have also spoken at several hacker cons, co-run the Proving Grounds track, and am currently pursuing my Master's degree in Industrial and Organizational Psychology, planning to apply it to the hacker and infosec communities. Ben Ten: I am a Senior Security Consultant. I have over 14 years of experience doing security things. I created the PoshSec Framework. I help run the BSides Joint Task Force CTF, an active board member of Secure Chicago, LLC, and work with the PoshSec development team. I am a hugger. Feel free to hug. Long awkward hugs are okay. I am the short one. Really. I'm so short I'm 404! I'm even too young looking for 21 jump street. Do people really read these things?

@tottenkoph
@ben0xa

Back to Derbycon 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast