When people fail from a security perspective, everyone seems to blame the users. Part of the consistent failing is that organisations expect users to do their job, and somehow know what security to implement into the process on their own. This presentation will talk about how to build security behaviours into organisational policies and procedures and therefore practice.
Learning Objectives: 1: Learn why current awareness programs focus on the wrong things. 2: Understand how and why practices should be embedded into procedures and guidelines. 3: Learn how to embed security practices into business processes.