53 avsnitt • Längd: 40 min • Månadsvis
Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.
The podcast Human-Centered Security is created by Voice+Code. The podcast and the artwork on this page are embedded on this page using the public podcast feed (RSS).
Where are security tools failing security teams? What are security teams looking for when they visit a security vendor marketing website? Paul Robinson, security expert and founder of Tempus Network, says, “Over-promising and under-delivering is a major factor in these tools. The tool can look great in a demo—proof of concepts are great, but often the security vendor is just putting their best foot forward. It's not really the reality of the situation.”
Paul’s advice for how can security vendors do better?
Looking for a cybersecurity-related movie that is just a tad too plausible? Paul recommends Leave the World Behind on Netflix.
When we collaborate with people, we build trust over time. In many ways, this relationship building is similar to how we work with tools that leverage AI.
As usable security and privacy researcher Neele Roch found, “on the one hand, when you ask the [security] experts directly, they are very rational and they explain that AI is a tool. AI is based on algorithms and it's mathematical. And while that is true, when you ask them about how they're building trust or how they're granting autonomy and how that changes over time, they have this really strong anthropomorphization of AI. They describe the trust building relationship as if it were, for example, a new employee.”
Neele is a doctoral student at the Professorship for Security, Privacy and Society at ETH Zurich. Neele (and co-authors Hannah Sievers, Lorin Schöni, and Verena Zimmermann) recently published a paper, “Navigating Autonomy: Unveiling Security Experts’ Perspective on Augmented Intelligence and Cybersecurity,” presented at the 2024 Symposium on Usable Privacy and Security.
In this episode, we talk to Neele about:
Roch, Neele, Hannah Sievers, Lorin Schöni, and Verena Zimmermann. "Navigating Autonomy: Unveiling Security Experts' Perspectives on Augmented Intelligence in Cybersecurity." In Twentieth Symposium on Usable Privacy and Security (SOUPS 2024), pp. 41-60. 2024.
In this episode, Heidi gets a taste of her own medicine and is interviewed by co-host John Robertson about her newly-released book Human-Centered Security: How to Design Systems That Are Both Safe and Usable. We talk about:
The cybersecurity industry often fixates on “behavior change,” expecting users to take on unrealistic tasks instead of designing safer, smarter systems.
Matt Wallaert (founder of BeSci.io and author of Start at the End: How to Build Products that Create Change) explains behavioral science isn't about forcing behavior change. Instead, it's about understanding people so a thoughtfully-designed system can influence more secure outcomes.
Whether you’re a UX designer, a security engineer, or a CISO, you influence security behaviors. Here’s how you can move towards more secure outcomes:
Bonus: UX designers, after this episode you may never create another persona.
“Technical people need to better understand the laws and regulations and lawyers need to better understand the technology and processes in place. When that happens, when those worlds come together, that’s where you can meaningfully make things happen.” -Justine Phillips, Partner at Baker McKenzie
In this episode, we talk about:
Justine Phillips is a Partner at Baker McKenzie, where she is co-chair of data+cyber for the Americas. She is the author of Data Privacy Program Guide: How to Build a Privacy Program That Inspires Trust.
What do CISOs have to say about the security tools their teams use?:
“When we introduce a level of complexity in the system, it undermines security. Every moment wasted trying to use a tool effectively benefits the adversary.” - Matt Stamper
In this episode, we talk to cybsecurity leaders Bill Bonney, Gary Hayslip, and Matt Stamper about:
Bill Bonney, Gary Hayslip, and Matt Stamper are seasoned CISOs and cybersecurity leaders. They are co-founders of the CISO Desk Reference Guide—a series of books including topics such as security policy, third-party risk, privacy, and incident response—which provide actionable insights for security leaders.
In this episode, we talk about:
Jaron Mink is an Assistant Professor in the School of Computing and Augmented Intelligence at Arizona State University focused on the intersection of usable security, machine learning, and system security.
In this episode, we highlight two of Jaron’s papers:
In this episode, we talk about:
Serge Egelman is the Founder and Chief Scientist at AppCensus and Research Director at International Computer Science Institute (ICSI). He’s written countless research papers on usable security and privacy. Most recently, his research centers around improving the user experience for users who are responsible for safeguarding their customer’s data (such as software engineers).
Shante Perrin, a cybersecurity leader, and her team use cybersecurity software to not only to detect and respond to cybersecurity threats but also, as Shante describes, to help paint a picture for their customers:
“We like to build a timeline of events to build that picture, create that story so we can deliver it to the customer and explain why we felt it is suspicious. In other words, why are we bothering you about this?”
In this episode, we talk about:
Shante Perrin is a cybersecurity leader and is currently the director of a managed services team. She led a cybersecurity team for a Fortune 100 company as an MSSP and has been a security analyst and security operations center (SOC) lead.
In this episode, we talk about:
Julie Haney is a Computer Scientist and Human-Centered Security Researcher and program lead at NIST (National Institute of Standards and Technology). She was formerly a Computer Scientist at the United States Department of Defense. In the episode we refer to two of Julie’s publications: “From Ivory Tower to Real World: Building Bridges Between Research and Practice in Human-Centered Cybersecurity” and “Towards Bridging the Research-Practice Gap: Understanding Researcher-Practitioner Interactions and Challenges in Human-Centered Cybersecurity.”
Security analysts respond to security detections and alerts. As part of this, they have to sift through a mountain of data and they have to do it fast. Not in hours, not in days. In minutes.
Tom Harrison, security operations manager at Secureworks, explains it perfectly, “We have a time crunch and it’s exacerbated by the other big issue security analysts have: we have an absolute ton of data that we have to sift through.”
In this episode:
Tom explains that security analysts are forced to go back to a pile of data with each subsequent question in their workflow. That’s a huge waste of time. And a terrible user experience.
Tom says, “It would lead to better accuracy, faster triage, and a better user experience if you can just take me directly to the answer or at the very least a subsection that has the answer I’m looking for.”
What does this mean for you as a UX designer designing security products? You need a deep understanding of security analyst workflows to help them identify and respond to attacks as quickly as possible.
That way, you can design security products that support users who are under intense pressure to do things quickly. Tom describes how the UX can “guide or complement the workflow.”
Tom talks about what gets him excited about integrating AI into security analyst workflows—and what has him worried, as well.
Tom Harrison is a Security Operations Manager at Secureworks. We dubbed Tom an “ideas machine” and a fierce advocate for the security analyst user experience. In fact, Tom is conducting UX research in the field better than most UX researchers. He’s a passionate teacher and shares his knowledge and resources in a free security reference guide.
“Even though usability and security tradeoffs will always be with us, we can get much smarter. Some of the techniques are really simple. For one, write everything down a user needs to do in order to use your app securely. Yeah, keep writing.”
In this episode, we talk about:
Adam Shostack is an expert on threat modeling, having worked at Microsoft and currently running security consultancy Shostack + Associates. He is the author of The New School of Information Security, Threat Modeling: Designing for Security and Threats: What Every Engineer Should Learn From Star Wars. Adam’s YouTube channel has entertaining videos that are also excellent resources for learning about threat modeling.
“UX design can enhance the overall performance, adoption, and impact in cybersecurity tools that leverage AI, making the tools more accessible to a broader range of users, including those who don’t have deep technical or security knowledge.”
In this episode, Siddharth Hirwani and John Robertson talk about:
Siddharth Hirwani is Senior Principal Product Designer interested in exploring the critical intersection of user experience and cybersecurity.
John Robertson is a researcher interested in the experience of technical users, especially those in cybersecurity. Recently his focus has been understanding workflows of cybersecurity analysts in security operations centers.
Siddharth and John will be presenting their paper “Cybersecurity Analyst’s Perception of AI Security Tools and Practical Implications” at USENIX SOUPS (Symposium on Usable Privacy and Security) in August 2024.
“People try to talk about the technical user experience at too high of a level. You talk about alert fatigue and you kind of understand what alert fatigue is just by the name. Yeah, there’s a lot of alerts. But watching it in action is different.”
In this episode, Heidi interviews John about what he’s learned about designing for security analysts. We talk about:
John Robertson is a researcher interested in the experience of technical users, especially those in cybersecurity. Recently his focus has been understanding workflows of Cybersecurity Analysts in Security Operations Centers.
Carlie Hundt and Devon Hirth believe a UX designer’s role is to “lift up the voices of the people trying to access and use government services.” Trust is really important. How do we build trust through the user experience, particularly when you are asking for personal information?
In this episode, we talk about:
Both Carlie Hundt and Devon Hirth work for Code for America, a civic tech non-profit, in the Safety Net Innovation Lab. Carlie is Staff Product Designer and Devon is Staff User Experience Designer.
When thinking about building products for security teams, we often emphasize the technical side: reduced false positives, new detection techniques, and automation. But what about asking things like: how do security teams work together? What excites a security analyst about their job? How can we help them do more of that? What does the experience look like across a suite of cybersecurity products? To improve the user experience for security teams—and improve security outcomes—you have to think holistically.
In this episode, we talk about:
Lindsey Wallace is the Director of Design Research and Strategy at Cisco Security Design. She has a PhD in Anthropology and previously worked at Adobe.
Are you inadvertently designing a security user experience that makes it less likely your users will choose the most secure option for them? Are security-related roadblocks preventing people from using your service? In order to design inclusive experiences—including accessible experiences—you must include users with disabilities in your research.
In this episode, we talk about:
Joyce Oshita is a Certified Professional in Web Accessibility, accessibility trainer and educator, and advisor for the FIDO Alliance task force. Joyce created the Digital Overload series, which documents her experiences using digital services while using a screen reader.
Also check out the W3C Web Accessibility Initiative (WAI) Web Accessibility Perspective Videos.
How do you help security teams understand what happened and what to do next? Data science can help with that. Serge-Olivier Paquette, CPO at threat intelligence and analytics platform Flare, combines product, cybersecurity, and data science expertise to develop cutting-edge products and experiences that help security teams make informed decisions.
In this episode:
Serge-Olivier Paquette is CPO at Flare, a cybersecurity platform that helps organizations proactively identify security threats. He works at the intersection of product management, data science, cybersecurity, and platform engineering. Serge-Olivier was previously tech lead and senior manager at Secureworks.
What do the terms digital identity and access mean for the user experience? David Mahdi, CIO at Transmit Security and digital identity and cybersecurity expert, breaks it all down in this episode.
We talk about:
David Mahdi is the CIO at Transmit Security, former Gartner research VP, and was previously CSO at Sectigo. An IAM leader and visionary, David is an expert in digital identity, cryptography, and cybersecurity.
We start the episode discussing a very serious topic: emojis. Then we get back to your regularly scheduled programming.
How would you approach security if you were building something from scratch? How would you address security user experience challenges? Darren Thomas and Margaret Cunningham from Wethos AI talk about how they’ve built security into their product and how cross-disciplinary collaboration helps them improve the security user experience.
In this episode, we talk about:
Darren Thomas is the co-founder and Chief Product Officer at Wethos AI, a platform that helps people and teams connect and understand one another to improve both individual and team performance. Darren is also the founding team member and head of product at NumberOne AI. A veteran in product management within the security industry, Darren has previously worked at Tenable and McAfee.
Margaret Cunningham is an experimental psychologist and is Chief Scientist at Wethos AI. Previously, Margaret was Senior Staff Behavioral Engineer, Security & Privacy at Robinhood and Principal Research Scientist for Human Behavior at Forcepoint’s X-Lab. Check out the Margaret’s first interview on the Human-Centered Security podcast (Episode 9).
When your website says, “we value your privacy,” how do users interpret that statement? How do they experience “privacy” in your product? What messages are you conveying--perhaps unintentionally? Privacy expert Michelle Finneran Dennedy helps designers think about privacy in the context of the user experience.
In this episode, we talk about:
Michelle Finneran Dennedy is a privacy expert, the co-founder of Privacy Code, and was formerly Chief Privacy Officer at McAfee. She is the co-author of The Privacy Engineer’s Manifesto.
Designing for the security user experience is challenging because if security controls are too complex or burdensome, users may bypass them, which compromises security. Additionally, the constant evolution of threats means that effective security controls must be continuously updated to stay ahead of threat actors. In other words, what may have been relatively effective yesterday might not be effective tomorrow. Exactly why the security user experience is so exciting!
Thankfully, Kevin Goldman shares my enthusiasm. Kevin is a design executive whose most recent focus has been in identity and access management. Kevin is the Chair of the UX Working Group at the FIDO Alliance, a nonprofit global industry organization that has developed the standards for passkeys.
During this episode, Kevin and I talk about:
UX folks are great at asking questions about AI and that’s exactly what we do in this episode. But “questions” sounds boring so we gave the set of questions a fancy name: a UX of AI framework. UX researcher John Robertson describes the UX of AI framework he and his team helped build.
In this episode, we talk about:
John Robertson is a skilled UX researcher with a background in neuroscience and experience working at organizations such as American Airlines, IBM, and Visa. Currently he is a Senior Principal UX Researcher for a cybersecurity software company implementing quantitative and qualitative methods to create human centered security analyst experiences.
In the episode, we reference:
Analyzing Qualitative User Data at Enterprise Scale with AI: The GE Case Study by Jakob Nielsen
If there’s one thing both UX teams and security teams can empathize with each other on is being involved too late in the development process. Ali Cuthbertson and Jason Telner realized that it wasn’t enough for teams to embrace the need for UX and security—they needed a method for integrating them into their agile development processes.
Throughout the interview, Ali and Jason will be referencing a project they worked on together to help develop and foster a consistent process for integrating UX and security into an agile development process for teams at IBM. As a result of their work, they developed a set of principles and best practices. They talk about:
Ali and Jason presented some of their research and recommendations at the 2023 UXPA presentation called “How to balance strong user experiences with enhanced security within an agile framework? Lessons learned and best practices.”
Ali Cuthbertson is the Technical Vitality Development Manager and CIO Design Program Manager at IBM. Ali brings over 20 years of seasoned expertise navigating software and hardware engineering. She has become the Indiana Jones of life sciences, user experience, talent management, vitality optimization, security protocols, AI advancements, data analytics, scientific exploration, and cutting edge cloud technologies.
Jason Telner, PhD, is a senior user researcher within IBM’s CIO design user research and data analytics team. Jason has over 15 years of experience working within the field of user research. In his current role at IBM, Jason’s focus has been on improving the user experience of employee support applications such as chatbots, web support, and voice interface support.
Ever wonder what it’s like to design enterprise cybersecurity software? Tom Keenoy, a design leader for a cybersecurity company, explains why what you learned in design school may not apply when you’re building software for specialized power users (think: security analysts, IT administrators, devops).
Tom Keenoy is a design leader who loves building technical products for power users. At various points in his career he’s been a designer, an educator, an engineer, a product manager, and a startup founder. He’s currently leading a design team at a cybersecurity company and advising growth stage startups to help right-size their UX and product design programs.
Ever encountered a CAPTCHA and thought to yourself, “whoever decided to put this here must really hate people”? It turns out, the people who make the decisions to use CAPTCHAs hate them as much as you do. Jason Puglisi, an application security engineer, describes what teams like his think about when evaluating potential solutions to a security issue. (Spoiler: you’ll be pleased to know these considerations include how security solutions may affect the user experience).
Jason Puglisi is an application security engineer at a financial technology company. He performs ethical hacking to discover vulnerabilities, guide solutions, and inform organization-wide security measures. Human security is a particular passion of his, including security culture, awareness, and various aspects of social engineering.
In this episode, we talk about:
Adam Shostack is an expert on threat modeling, having worked at Microsoft and currently running security consultancy Shostack + Associates. He is the author of The New School of Information Security, Threat Modeling: Designing for Security and the forthcoming Threats: What Every Engineer Should Learn From Star Wars. Adam’s YouTube channel has entertaining videos that are also excellent resources for learning about threat modeling.
In this episode we talk about:
Bethany Sonefeld is the founder of Create With Conscience, a space dedicated to educating and committing to building healthier technology. Create With Conscience was something Bethany developed out of interest in creating a healthier balance of technology in her own life. Bethany is a design manager at Duo Security and was previously at Cloudflare, RetailMeNot, and IBM.
Blair Shen is a product designer at Duo Security and was previously at Cloudflare and Harry&David. She is also a YouTube content creator, where she mentors and coaches aspiring UX designers.
In this episode, we talk about:
Bethany Sonefeld is the founder of Create With Conscience, a space dedicated to educating and committing to building healthier technology. Create With Conscience was something Bethany developed out of interest in creating a healthier balance of technology in her own life. Bethany is a design manager at Duo Security and was previously at Cloudflare, RetailMeNot, and IBM.
How do the UX, product, and technology teams effectively collaborate when it comes to security? How do we, as part of the UX team, take part in the security conversations and what role do we play?
In this episode, we talk about:
Michael Snell is the UX research team lead at JPMorgan Chase managing research focused on security and authentication. He previously worked at Microsoft and Verizon Connect. He has a PhD in psychology from the University of Georgia.
In this episode, we talk about:
Read Jeremiah’s research: Usability Comparison of Over-the-Shoulder Attack Resistant Authentication Schemes.
Jeremiah is the Director of Human Factors, Ph.D. Track and Associate Professor of Psychology and the School of Cybersecurity at Old Dominion University. He runs the Psychology of Design Laboratory, which focuses on human cognition and technology, including usable security.
In this episode, we talk about:
Tanja Venborg Hansen is a seasoned user researcher who has worked in both the enterprise cybersecurity (Forcepoint) and aviation industries (Finnair). She earned a master of science degree focused on design and innovation from the Technical University of Denmark.
In this episode, we talk about:
Chloe Poynton is the co-founder and principal at Article One Advisors, a management consultancy with expertise in human rights, responsible innovation, and social impact.
In this episode, we talk about:
And Jared shares lots of examples.
Jared Spool is the founder of UX consultancy UIE and the co-founder of UX design school Center Centre. Interested in hearing more about what Jared has to say about the security of UX? Watch the talk: Insecure and Unintuitive: Why We Need to Fix the Security of UX.
In this episode, we talk about:
Kate Brett Goldman is the Founder and CEO of Cybermaniacs, an innovative cybersecurity awareness company. Prior to founding Cybermaniacs, Kate spent over 20 years developing solutions that encourage human and organizational change in enterprise IT.
In this episode we talk about:
Ira Winkler is the founder of Secure Mentem and Chief Information Security Officer at Skyline Technology Soutions. He is the author of seven books on security, the latest of which is You Can Stop Stupid (discussed in this episode). He also has a new book in the works, Security Awareness for Dummies, which will be available in 2022.
In this episode we talk about:
Prior to founding Finite State, Matt spent 15 years leading the research and development of advanced solutions to some of the hardest problems in cyber security, with experience across the spectrum of offensive and defensive cyber operations. Notably, he was the technical founder and CTO of Battelle's Cyber Innovations business unit. Throughout his career, Matt has spearheaded complex national security programs ranging from detection of malicious integrated circuits in the supply chain to next generation intrusion detection systems for low-power embedded systems. Matt directed numerous intelligence programs related to the security of embedded and IoT devices and has been a speaker on the subject at events around the world.
In this episode, we talk about:
Patricia Ensworth is a business anthropologist whose work focuses on the human factors affecting the development and maintenance of innovative products, services, and systems. As a technology project manager at leading global financial services firms (Merrill Lynch, Moody’s UBS, Citigroup, Morgan Stanley) she came to specialize in risk analysis and quality assurance, often recently in relation to cybersecurity vulnerabilities. Her consulting firm Harborlight Management Services LLC provides organizational research and management training to clients in a broad range of industries, as well as government agencies and non-profits. She is the author of The Accidental Project Manager: Surviving the Transition from Techie to Manager (Wiley 2001) and numerous technical articles about multicultural teamwork in software engineering. She is also an Adjunct Assistant Professor teaching in a graduate business degree program at New York University.
In this episode, we talk about:
Dr. Nikki Robinson is a Security Architect and holds a Doctorate of Science in CyberSecurity, as well as several industry certifications (CISSP, CEH, MCITP, etc). She is currently working on a PhD in Human Factors and research in blending psychology and cybersecurity. With a background in IT Operations and Engineering, she moved into security several years ago.
During this episode, we talk about:
Robin Bylenga is a seasoned client-facing expert, having drawn her initial skills early in her career as a flight attendant. Prior to entering cybersecurity, she was the CEO and Founder of Pedal Chic, the first women-specific bike shop in North America. She built the brand, won national awards, and designed a full line of bicycles for a niche market. Then her company suffered an insider threat attack. That experience changed the course of her life and brought her to a new career and the opportunity to adapt the Human Factors Analysis and Classification System (HFACS) framework to cyber.
Learn more about Robin's research at https://hfacs-cyber.com/
In this episode, we talk about:
Ryan Cloutier is the principal security consultant for SecurityStudio. He is an experienced IT/cybersecurity professional with over 15 years experience developing cybersecurity programs for Fortune 500 organizations. Ryan is a virtual Chief Information Security Officer for K12 districts across the country and is Certified Information Systems Security Professional (CISSP) and is proficient in cloud security, dev-ops, and sec-ops methodologies, security policy, process, audit, compliance, network security, and application security architecture. Ryan also co-hosts a weekly security podcast and is included on the top 100 most influential people in cybersecurity.
You can also find Ryan:
In this episode we talk about:
Natalie Hill is a senior product designer with over 20 years of professional experience and a Master of Science in Information Studies. Her niche is enterprise UX. She loves finding elegant solutions to complex design problems and understanding the psychology that drives human behavior. Natalie considers cybersecurity one of the most important things in the world and has spent the last four years designing network, web, and email security solutions.
Natalie is a seasoned guitar player who enjoys playing live with a band in non-pandemic times. She is also on the board of directors of the nonprofit Girls Rock Austin, an organization dedicated to empowering girls, transgender, and non-binary youth through music education, mentorship, and self-care.
During this episode, we talk about:
Alexander Stein, PhD is an expert in human behavior and decision-making, and founder and managing principal of Dolus Advisors, a pyschodynamic management consultancy that advises CEOs, senior management teams, and boards in issues involving leadership, culture, governance, ethics, risk, and other organizational matters with complex psychological underpinnings. Dr. Stein is an internationally regarded authority in human risk and the psychodynamics of fraud and is frequently engaged as a specialist advisor in multi-jurisdictional, corruption, and executive misconduct matters and also helps companies mitigate and address human factor vulnerabilities in cybersecurity. He also consults with companies that develop and deliver technologies that assume decision-making functions in human affairs to mitigate unintended consequences to people, organizations, and society. Dr. Stein is a widely published and cited writer and thought leader, currently a regular contributor to Forbes on the psychology of leadership and misbehavior in business, and a frequent podcast and webinar guest, on-camera expert commentator, and keynote speaker and panelist.
Find more information on Dr. Stein and Dolus Advisors:
Laura Nespoli is founder of Meshin Movement, a brand strategy consultancy. Laura has spent her career serving as a strategic problem-solver and brand storyteller across the sales marketing spectrum in many facets--from agency to client-side, media to creative, market
research to integrated marketing planning. Her professional focus is in helping brands and teams reveal business opportunity and advantage while her passion is rooted in inspiring ideas that serve the world for greater good.
During this episode we talk about:
Dr. Margaret Cunningham is an experimental psychologist and the Principal Research Scientist for Human Behavior at Forcepoint’s X-Lab. In this role, she serves as the behavioral science subject matter expert in an interdisciplinary security team driving the development of human-centric security solutions. Previously, she supported the Human Systems Integration branch of The Department of Homeland Security.
In this episode, we talk about:
Brian Murphy, a security specialist at GreyCastle Security, is a technology, information security, and risk management professional. He assists with the development and implementation of cybersecurity solutions for a variety of industries. Brian has knowledge of PCI, SOX, GLBA compliance requirements, as well as ISO and NIST standards and regulations.
On this episode we talk about:
Dr. Nobles is a cybersecurity scientist and human factors practitioner with more than 25 years of experience. He retired from the U.S. Navy and currently works in the financial services industry. Dr. Nobles recently completed a Cybersecurity Policy Fellowship with the New America Think Tank in Washington, D.C.
In this episode we talk about:
Alex is the EY Americas Cybersecurity Lead for Secure Culture Activation. With a background in sports broadcasting and operational security, she is experienced in security communications and education, awareness program development, the psychology of social engineering, and behavior analytics. In her free time, she is a mother of three and she volunteers with law enforcement agencies and neighborhood organizations to educate community members, elder care organizations, children and parents on information security and social media safety.
During this episode, we’re focusing on what successful organizations are doing to manage risk. We talk about:
Yan Grinshtein is an HCI and accessibility certified human-centered design leader, speaker, and mentor. Currently the head of design at HYPR, Yan has over 20 years of experience as a creative and design leader. He has worked on three different continents across four countries with companies ranging from Fortune 500 to startups, some of which have become multi-billion dollar companies today. You can follow Yan on Medium or Linkedin.
In this episode, we talk about:
Christian Rohrer is Senior Director, User Experience at McAfee, returning to the company after a 5-year hiatus during which he was Founder and Principal at XD Strategy, a UX strategy consultancy, and former Vice President of Design, Research and Enterprise Services at Capital One. He has also led UX teams at Realtor.com, eBay, and Yahoo!. Christian holds a Bachelors in Computer Science from UC Santa Cruz and a Ph.D in Cognitive Science and Education from Stanford University.
Christian not only has a deep understanding of the complex cybersecurity ecosystem, he also appreciates the challenges in getting stakeholder buy-in to ensure the user experience is prioritized.
In this episode, we talk about:
In this episode we talk about:
Kaliya is the co-author of “Comprehensive Guide to Self-Sovereign Identity,” and author of “Domains of Identity.” She is also one of the co-founders of the Internet Identity Workshop, which brings together people to help develop open standards for ways people can own and control their digital representations of themselves.
Jim Nelson, Senior Security Consultant for Innovative Solutions, has been working with organizations to help raise their security posture based on their risk for the last 17 years.
In this episode, we talk about:
Gabriel has been studying human behavior for a long time. His first company, ObserveIT, an insider threat management platform recently acquired by Proofpoint, dealt with monitoring and reporting on out-of-policy employee behavior. Today, as the founder of Wizer, a security awareness training platform, Gabriel is focused on ensuring, as he put it, “security awareness is a basic human skill.” In fact, not only is Wizer’s training user-friendly and in digestible chunks, most of it is free.
In this episode, we talk about:
En liten tjänst av I'm With Friends. Finns även på engelska.