Artwork

Content provided by Coen or Sander. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Coen or Sander or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

A good security stack deserves a good security culture (Stu Sjouwerman, KnowBe4)

18:51
 
Share
 

Manage episode 417326042 series 3571695
Content provided by Coen or Sander. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Coen or Sander or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

The human is often seen as the weak link in cybersecurity. You can have all the security tooling in the world, but if attackers target people they can still get in. People in general, so also employees of organizations, need to be made aware of how to spot these types of attacks. In other words, we need Human Detection and Response, i.e. HDR just as much as we need MDR and XDR.
KnowBe4 has been founded to address the challenges organizations have with educating their workforce on cybersecurity. During RSA Conference 2024, we sat down with founder and CEO Stu Sjouwerman.
We discuss the current state of affairs in security awareness inside organizations. A central theme for KnowBe4 nowadays is something they call adaptive human risk management. This is the foundation for a risk-based approach to cybersecurity through a human lens. You could see this as an extension of the many examples of risk-based cybersecurity approaches you can find in other areas of cybersecurity. The idea is to create a healthy security culture, alongside a good security stack.
There's more to it than security awareness training
We don't really discuss 'traditional' security awareness training all that much during our conversation. That's more or less table stakes now, even though there's still room for improvement on that front. However, KnowBe4 is also looking into new areas. Its acquisition of Egress is a clear example of this. Egress is a company that focuses on e-mail security. There already was a tight integration between the two players, which will become even tighter after the acquisition.
The fact that KnowBe4 ventures into the area of e-mail security may seem a bit strange at first sight. After all, KnowBe4 never was a 'traditional' security technology company, right? But if you factor into the equation that e-mail security is still the number one attack vector and that there a very strong human element to it, it actually makes perfect sense.
At the end of our conversation, we also touch on the role AI plays and is going to play in cybersecurity from a security awareness perspective. We zoom in on the rise of deepfakes. These keep getting better and better, so are harder and harder to detect for humans at the other end of them. Sjouwerman recognizes this is going to be a serious challenge, but he's also rather optimistic that common sense (and some technology of course) will eventually win this battle too.
We hope you enjoy this new episode of Techzine Talks on Tour.

  continue reading

Chapters

1. Security Training and Human Risk Management (00:00:00)

2. Future of Cybersecurity (00:16:23)

11 episodes

Artwork
iconShare
 
Manage episode 417326042 series 3571695
Content provided by Coen or Sander. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Coen or Sander or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

The human is often seen as the weak link in cybersecurity. You can have all the security tooling in the world, but if attackers target people they can still get in. People in general, so also employees of organizations, need to be made aware of how to spot these types of attacks. In other words, we need Human Detection and Response, i.e. HDR just as much as we need MDR and XDR.
KnowBe4 has been founded to address the challenges organizations have with educating their workforce on cybersecurity. During RSA Conference 2024, we sat down with founder and CEO Stu Sjouwerman.
We discuss the current state of affairs in security awareness inside organizations. A central theme for KnowBe4 nowadays is something they call adaptive human risk management. This is the foundation for a risk-based approach to cybersecurity through a human lens. You could see this as an extension of the many examples of risk-based cybersecurity approaches you can find in other areas of cybersecurity. The idea is to create a healthy security culture, alongside a good security stack.
There's more to it than security awareness training
We don't really discuss 'traditional' security awareness training all that much during our conversation. That's more or less table stakes now, even though there's still room for improvement on that front. However, KnowBe4 is also looking into new areas. Its acquisition of Egress is a clear example of this. Egress is a company that focuses on e-mail security. There already was a tight integration between the two players, which will become even tighter after the acquisition.
The fact that KnowBe4 ventures into the area of e-mail security may seem a bit strange at first sight. After all, KnowBe4 never was a 'traditional' security technology company, right? But if you factor into the equation that e-mail security is still the number one attack vector and that there a very strong human element to it, it actually makes perfect sense.
At the end of our conversation, we also touch on the role AI plays and is going to play in cybersecurity from a security awareness perspective. We zoom in on the rise of deepfakes. These keep getting better and better, so are harder and harder to detect for humans at the other end of them. Sjouwerman recognizes this is going to be a serious challenge, but he's also rather optimistic that common sense (and some technology of course) will eventually win this battle too.
We hope you enjoy this new episode of Techzine Talks on Tour.

  continue reading

Chapters

1. Security Training and Human Risk Management (00:00:00)

2. Future of Cybersecurity (00:16:23)

11 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide