Managing the Human Element in Information Security
Computers do not commit crimes. People do. And it's people that design and use systems, create incidents and manage their impact. And the influence of people is increasing as we become a networked society. People are both the problem and the solution. If we can leverage their power, we can achieve the behaviour we seek. But traditional approaches are ineffective. People are too busy to read policies and new recruits pay more attention to colleagues than to bosses. We need a new approach, one that understands the human dimension. Drawing on his new book "Managing the Human Factor in Information Security" David Lacey explains how to transform culture and change behaviour, drawing on lessons from psychology, criminology and advertising, as well as many years of practical experience
Speaker: David Lacey
David is a leading expert on information security management with more than 25 years professional experience, as Director of Security and Risk Management for the Royal Mail Group and previously with the Royal Dutch/Shell Group and the Foreign & Commonwealth Office. David is now an independent researcher, writer and advisor to user organisations, technology companies and venture capitalists. He writes a leading blog on IT Security for Computer Weekly and he is the author of "Managing the Human Factor in Information Security" published by John Wiley.