Reducing Cyber Risk By Reducing Friction, with Jason Hoenich
Jason Hoenich joins us as we return for Series 3, Episode 1 of the Re-Thinking the Human Factor Podcast. We are glad to be back after our hiatus having made a few changes to the podcast that we hope will add value and increase our reach so we can continue making security and behaviour awareness an engaging topic for all.
Both a security vendor and a sponsor of this podcast, Jason is a leader in the security awareness arena and a well-known speaker and blogger on the subject of awareness. He is the creator of the popular Hashtag Awareness video series and he brings over a decade of experience developing world-class awareness programs for companies including The Walt Disney Company, Activision Blizzard, and Sony Pictures Entertainment. Currently the President of Habitu8.
‘We live in the age of ‘Peak TV’ — people expect and demand high quality, binge-worthy content. If your training can grab their attention in the first 10 seconds and keep them engaged, that’s your chance to influence them and make them actually want to learn.’ - Jason Hoenich.
JOIN JASON HOENICH AND BRUCE HALLAS AS THEY DISCUSS:
- What challenges does one come across when applying security awareness across a behemoth such as Disney?
- The importance of flexibility when addressing different types of professionals coming from different mind sets.
-
- Left brain versus right brain professionals need different methods of communication.
-
- How flexibility enabled a safe space to explore new ideas and growth within user engagement.
- The challenges of influencing behaviour within specific environments.
-
- Looking for friction within different departments and accepting the reality that one cap does not fit all.
- Understanding each department within an environment personally by spending time to observe the way they prefer communications to be presented.
- The issue of time when taking a more nuanced approach to security across departments:
-
- Dealing with company preconceptions about how security and behaviour awareness looks.
- There is a need to market security correctly to get people to change their behaviour. Making decisions easy for user engagement.
- Setting expectations that are realistic is vital to the success of the mission to update security protocols across a company.
- Identifying stake holders and how it aids success:
-
- The foundational action is to engage key stake holders early on for optimum results.
- Corporate communications need to be brought into alignment quickly and painlessly.
- Selling the broader strategy and strengthening the internal ambassador network.
- The importance of change and how to tackle bias.
-
- Looking for ways to make communications more engaging.
- Crafting media to suit the audience and appeal to their attention span.
- How does staying fresh and relevant effect engagement?
- The famous ‘jam experiment’ and what can be gleaned from it.
-
- Choice architecture and applying it to security and human behaviour.
- A small amount of high quality choice equals a greater reaction.
- Understanding whether or not the process makes sense to the users to remove any friction.
- Role of regulators -
-
- Just because the law says it must be done, does this mean it gets done?
- Are regulations aiding the job of security awareness and education managers and is there any room for creativity?
- We cannot treat humans the same way we treat computers and the digital realm. Human behaviour needs to be accounted for.
- Reducing the risk of noncompliance via applied understanding of human behaviour.
RESOURCES AND TOPICS FOR FURTHER STUDY
MORE ABOUT JASON HOENICH
Please subscribe to the podcast in iTunes, and if you enjoyed this interview, please share with your friends and colleagues and leave a 5 star rating and review.
Thanks for listening and sharing.
Bruce & The Re-thinking the Human Factor Podcast Team