Expert guidance on the art and science of driving secure behaviors Transformational Security Awareness empowers security leaders with the information and resources they need to assemble and deliver effective world-class security awareness programs that drive secure behaviors and culture change. When all other processes, controls, and technologies fail, humans are your last line of defense. But, how can you prepare them? Frustrated with ineffective training paradigms, most security leaders know that there must be a better way. A way that engages users, shapes behaviors, and fosters an organizational culture that encourages and reinforces security-related values. The good news is that there is hope. That’s what Transformational Security Awareness is all about. Author Perry Carpenter weaves together insights and best practices from experts in communication, persuasion, psychology, behavioral economics, organizational culture management, employee engagement, and storytelling to create a multidisciplinary masterpiece that transcends traditional security education and sets you on the path to make a lasting impact in your organization. Find out what you need to know about marketing, communication, behavior science, and culture management Overcome the knowledge-intention-behavior gap Optimize your program to work with the realities of human nature Use simulations, games, surveys, and leverage new trends like escape rooms to teach security awareness Put effective training together into a well-crafted campaign with ambassadors Understand the keys to sustained success and ongoing culture change Measure your success and establish continuous improvements Do you care more about what your employees know or what they do? It's time to transform the way we think about security awareness. If your organization is stuck in a security awareness rut, using the same ineffective strategies, materials, and information that might check a compliance box but still leaves your organization wide open to phishing, social engineering, and security-related employee mistakes and oversights, then you NEED this book.

Mitigate human risk and bake security into your organization’s culture from top to bottom with insights from leading experts in security awareness, behavior, and culture. The topic of security culture is mysterious and confusing to most leaders. But it doesn’t have to be. In The Security Culture Playbook, Perry Carpenter and Kai Roer, two veteran cybersecurity strategists deliver experience-driven, actionable insights into how to transform your organization’s security culture and reduce human risk at every level. This book exposes the gaps between how organizations have traditionally approached human risk and it provides security and business executives with the necessary information and tools needed to understand, measure, and improve facets of security culture across the organization. The book offers: An expose of what security culture really is and how it can be measured A careful exploration of the 7 dimensions that comprise security culture Practical tools for managing your security culture program, such as the Security Culture Framework and the Security Culture Maturity Model Insights into building support within the executive team and Board of Directors for your culture management program Also including several revealing interviews from security culture thought leaders in a variety of industries, The Security Culture Playbook is an essential resource for cybersecurity professionals, risk and compliance managers, executives, board members, and other business leaders seeking to proactively manage and reduce risk.

Expert guidance on the art and science of driving secure behaviors Transformational Security Awareness empowers security leaders with the information and resources they need to assemble and deliver effective world-class security awareness programs that drive secure behaviors and culture change. When all other processes, controls, and technologies fail, humans are your last line of defense. But, how can you prepare them? Frustrated with ineffective training paradigms, most security leaders know that there must be a better way. A way that engages users, shapes behaviors, and fosters an organizational culture that encourages and reinforces security-related values. The good news is that there is hope. That’s what Transformational Security Awareness is all about. Author Perry Carpenter weaves together insights and best practices from experts in communication, persuasion, psychology, behavioral economics, organizational culture management, employee engagement, and storytelling to create a multidisciplinary masterpiece that transcends traditional security education and sets you on the path to make a lasting impact in your organization. Find out what you need to know about marketing, communication, behavior science, and culture management Overcome the knowledge-intention-behavior gap Optimize your program to work with the realities of human nature Use simulations, games, surveys, and leverage new trends like escape rooms to teach security awareness Put effective training together into a well-crafted campaign with ambassadors Understand the keys to sustained success and ongoing culture change Measure your success and establish continuous improvements Do you care more about what your employees know or what they do? It's time to transform the way we think about security awareness. If your organization is stuck in a security awareness rut, using the same ineffective strategies, materials, and information that might check a compliance box but still leaves your organization wide open to phishing, social engineering, and security-related employee mistakes and oversights, then you NEED this book.

Harden your business against internal and external cybersecurity threats with a single accessible resource. In 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business, cybersecurity researcher and writer Kim Crawley delivers a grounded and practical roadmap to cyber resilience in any organization. Offering you the lessons she learned while working for major tech companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi, Crawley condenses the essence of business cybersecurity into eight steps. Written to be accessible to non-technical businesspeople as well as security professionals, and with insights from other security industry leaders, this important book will walk you through how to: Foster a strong security culture that extends from the custodial team to the C-suite Build an effective security team, regardless of the size or nature of your business Comply with regulatory requirements, including general data privacy rules and industry-specific legislation Test your cybersecurity, including third-party penetration testing and internal red team specialists Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, 8 Steps to Better Security is also a must-have resource for companies of all sizes, and in all industries.

This book constitutes the proceedings of the 17th IFIP WG 11.12 International Symposium on Human Aspects of Information Security and Assurance, HAISA 2023, held in Kent, United Kingdom, in July 2023. The 37 full papers presented in this volume were carefully reviewed and selected from 54 submissions. They are organized in the following topical sections: education and training; management, policy and skills; evolving threats and attacks; social-technical factors; and research methods.

Transitioning to Good Health and Well-Being addresses critical issues of health in the context of sustainability, which need to be tackled in order to achieve Agenda 2030. Acknowledging the dramatic improvements that have been made in the past decades with regards to health, we also face disparities that remain amongst and within countries. While life expectancy has more than doubled, we are, at the same time, confronted with the challenges that come along with population growth alongside environmental change, migration, ageing, and economic disparities. In its 2018 progress report concerning SDG 3, the UN stated that, while the quality of global health is increasing, “people are still suffering needlessly from preventable diseases”, both infectious and non-communicable, "and too many are dying prematurely". Although we are on the verge of eradicating, poliomyelitis, which disables 350’000 children each year, we continue to have few answers for outbreaks of emerging infectious diseases. Making progress against these outbreaks with strong health systems, particularly in neglected or inaccessible regions, is deeply connected to further issues targeted by the UN SDGs such as (restricted) access to clean water, healthy food, or continuing political instabilities as well as gender inequalities. Transitioning to Good Health and Well-Being, therefore, offers a vessel for a productive reflection and conversation on the meaning of and possibilities for global health, giving voice to a range of scholars, strategists and practitioners. Transitioning to Good Health and Well-Being is part of MDPI's new Open Access book series Transitioning to Sustainability. With this series, MDPI pursues environmentally and socially relevant research which contributes to efforts toward a sustainable world. Transitioning to Sustainability aims to add to the conversation about regional and global sustainable development according to the 17 SDGs. The book series is intended to reach beyond disciplinary, even academic boundaries.

This book is composed by the papers written in English and accepted for presentation and discussion at The 2023 International Conference on Information Technology & Systems (ICITS'23), held at Universidad Nacional de San Antonio Abad del Cusco, in Cusco, Peru, between the 24th and the 26th of April 2023. ICIST is a global forum for researchers and practitioners to present and discuss recent findings and innovations, current trends, professional experiences and challenges of modern information technology and systems research, together with their technological development and applications. The main topics covered are: information and knowledge management; organizational models and information systems; software and systems modelling; software systems, architectures, applications and tools; multimedia systems and applications; computer networks, mobility and pervasive systems; intelligent and decision support systems; big data analytics and applications; human–computer interaction; ethics, computers & security; health informatics; information technologies in education, and Media, Applied Technology and Communication.

Keep valuable data safe from even the most sophisticated social engineering and phishing attacks Fighting Phishing: Everything You Can Do To Fight Social Engineering and Phishing serves as the ideal defense against phishing for any reader, from large organizations to individuals. Unlike most anti-phishing books, which focus only on one or two strategies, this book discusses all the policies, education, and technical strategies that are essential to a complete phishing defense. This book gives clear instructions for deploying a great defense-in-depth strategy to defeat hackers and malware. Written by the lead data-driven defense evangelist at the world's number one anti-phishing company, KnowBe4, Inc., this guide shows you how to create an enduring, integrated cybersecurity culture. Learn what social engineering and phishing are, why they are so dangerous to your cybersecurity, and how to defend against them Educate yourself and other users on how to identify and avoid phishing scams, to stop attacks before they begin Discover the latest tools and strategies for locking down data when phishing has taken place, and stop breaches from spreading Develop technology and security policies that protect your organization against the most common types of social engineering and phishing Anyone looking to defend themselves or their organization from phishing will appreciate the uncommonly comprehensive approach in Fighting Phishing.

Protect your organization from scandalously easy-to-hack MFA security “solutions” Multi-Factor Authentication (MFA) is spreading like wildfire across digital environments. However, hundreds of millions of dollars have been stolen from MFA-protected online accounts. How? Most people who use multifactor authentication (MFA) have been told that it is far less hackable than other types of authentication, or even that it is unhackable. You might be shocked to learn that all MFA solutions are actually easy to hack. That’s right: there is no perfectly safe MFA solution. In fact, most can be hacked at least five different ways. Hacking Multifactor Authentication will show you how MFA works behind the scenes and how poorly linked multi-step authentication steps allows MFA to be hacked and compromised. This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You’ll learn about the various types of MFA solutions, their strengthens and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers') needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book. Learn how different types of multifactor authentication work behind the scenes See how easy it is to hack MFA security solutions—no matter how secure they seem Identify the strengths and weaknesses in your (or your customers’) existing MFA security and how to mitigate Author Roger Grimes is an internationally known security expert whose work on hacking MFA has generated significant buzz in the security world. Read this book to learn what decisions and preparations your organization needs to take to prevent losses from MFA hacking.

This book explores the innovations, disruptions and changes that are required to adapt in a fast-evolving landscape due to the extraordinary circumstances triggered by the COVID-19 pandemic. Recognized experts from around the world share their research and professional experience on how the working environment, as well as the world around them, have changed due to the pandemic. Chapters consider how different fields across technology and business have been affected by this new, dramatic scenario and the drastic consequences that the pandemic had on them. With diverse contributions stemming from public health, technology strategies, urban planning and sociology to sustainable management, this volume is articulated into four distinct but complementary sections of People, Process, Planet, and Prosperity influencing the post-COVID world. This book will be of great interest to those in the fields of computer science and information technology, as well as those studying the impact and effects that COVID-19 is having on society.