Select Page

What we learned at PeepSec 2019 – Part II

CYBSAFE-SebDB Webinar-preblog-221011MS-36

19 June 2019

Nudges webinar homepage banner

Webinar: The new science of security nudges

Increase engagement and improve security behaviors, with this revolutionary new approach.

What we learned at PeepSec 2019 – part two


This is Part Two of a post reviewing key takeaways from PeepSec 2019. You can read Part One here. To access the free video recordings of every talk from PeepSec 2019, register here.

Day three


JLT CISO Simon Legg opened proceedings on day three of PeepSec. In a discussion with CybSafe’s Oz Alashe and Sam Oliver, Simon revealed why he prefers to refer to himself as an “anti-CISO” rather than a CISO and outlined what he believes organisations should focus on to improve the way their people interact with modern technology.

“Protecting data is all about people. It is hugely about people and very rarely is it about technology on its own.” Simon Legg, CISO, JLT

Bournemouth University’s Dr. John McAlaney then took to the PeepSec spotlight, this time via a talk centred around social psychology. Dr. John’s talk was once again filled with practical and interesting insights for security professionals, such as advice on boosting security engagement, and on how wider groups influence individual decision-making.

Mark Parr, the second KPMG representative to share his wisdom as part of PeepSec 2019, followed Dr. John, revealing what it’s like to be the CISO of a global organisation. Mark’s talk centred on the biggest challenges today’s CISOs face… and how to overcome them.

“I can’t just be the boy that cried wolf, and I can’t just talk about that risk and what that ever-present risk is. I’ve got to talk about how we also use information security as a vehicle for the business to change.” Mark Parr, CISO, KPMG

Credit Suisse’s Caroline Bansraj kept proceedings flowing and, for the second year in a row, delivered a PeepSec talk filled with gold. Following her appearance at PeepSec 2018, Caroline discussed cyber security developments from the past 12 months, and how the security and technology communities can advance the way people use technology as the future unfolds.

The UK Department for Digital, Culture, Media & Sport’s Emma Green was a noteworthy addition to 2019’s PeepSec lineup, and her day-three talk did not disappoint. After discussing the importance of avoiding security burdens, Emma offered her thoughts on how societies can make sure every organisation becomes resilient to cyber attacks.

Day three ended with a to-the-point talk from Head of Global Security Operations at The Hut Group, Graeme Park. In a discussion with Oz Alashe, Graeme underlined the importance of building a culture of security – while also offering his thoughts on what a “secure culture” actually means. 

Get immediate access to every talk from PeepSec 2019 here.


Day four


Dr. Emily Collins was first to take to the stage on day four of PeepSec, discussing her research on ensuring people use technology securely. A highlight of the talk was Dr. Emily’s take on the role of people in data breaches. We know that people are involved in the majority of breaches. But does that mean people are to blame for the majority of breaches?

Security Awareness & Culture Manager at Quilter, Louise Cockburn, then discussed, among other things, the challenge of understanding and measuring culture, before Telstra’s Blair Adamson dialled into PeepSec from his base in Australia. Blair’s mere presence at PeepSec served as a demonstration of the wonders of modern technology, while his highly anticipated talk on “cyber influence” offered yet another boundary-pushing perspective on how to ensure people interact with technology safely.

Aping Blair, the National Cyber Security Centre’s (NCSC) Ceri J joined PeepSec via the wonders of modern technology. As part of an organisation whose mission is to make the UK the safest place to live and work online, Ceri was able to offer unfiltered advice on both what the NCSC is doing to improve people’s interactions with technology and what organisations could do to follow suit.

“Security often lacks that sharing aspect because we often keep things under cloak and dagger, we don’t want to tell people when things go wrong. In actual fact, a lot of things do go right, we learn from each other and that’s where the innovation can happen.” Ceri J, Senior Sociotechnical Researcher, NCSC

TechUK’s Talal Rajab followed, with a talk that touched on everything from trust and changing people’s behaviour to exciting upcoming technological innovations. Head of Cyber Security at EF Education First, James Packer, then brought day four to a close with an interesting question: should the size of an organisation influence its approach to cyber security?

Get immediate access to every talk from PeepSec 2019 here.

Day five


Day five of PeepSec began with a talk from Global Cyber Security Education & Awareness Consultant Marilise de Villiers, who kicked things off via a discussion with CybSafe’s Oz Alashe that explored several interesting questions. Do people have a false sense of security when using tech? Should we stop relying on people’s motivation to do the right thing? Are today’s security professionals still viewed as ‘policemen’? Watch Marilise’s discussion to see what she has to say.


Dr. Kate Muir of the University of Bath then discussed her research into how technology is changing the way we communicate, and the consequences of the resulting changes. As a communication specialist, Dr. Kate knows how to communicate effectively and, in her talk, offered advice on how security and technology professionals can improve their own communication.

“What you need to do is bring yourself onto their level and if you do that, you stand a much better chance of forming a good rapport with the person or group of people.” Dr. Kate Muir, Research Associate, University of Bath

Aviva’s Matt Bottomley followed Dr. Kate with a talk exploring some common challenges we face as modern technology users, before the University of Kent’s Professor Shujun Li discussed his research into the human aspect of cyber security. Both speakers touched on the Internet of Things (IoT) – with Matt first focusing on the IoT’s role in changing human behaviour before Prof. Shujun discussed how we can ensure people use IoT devices in a safe and secure manner.

The UKRI’s Maurizio Fantato was the penultimate guest speaker of PeepSec 2019. In a talk that centred on the extraordinary pace of technological progress, Maurizio discussed how said progress is affecting society, how culture can in fact influence our adoption of technology and the role of government in changing the way people interact with technology.

Author; podcast host;; consultant; trainer in the field of security awareness, behaviour and culture; and driving force behind the ‘re-thinking the human factor’ movement, Bruce Hallas, then took centre stage as the final guest speaker of PeepSec 2019. In a discussion once again packed with insights, Bruce explained why security awareness should be secondary to promoting secure behaviours and a secure culture, what Ancient Greece can teach us about security training and how good security training can help businesses not just survive but prosper.

In his closing remarks, CybSafe CEO Oz Alashe underlined that PeepSec 2019 provided an opportunity to stop and think about how, as the future unfolds, we ensure interactions between people and technology are secure, sustainable and have a positive impact on society. What makes PeepSec truly unique, Oz noted, is the fact it’s still 100% free and 100% online, ensuring you can access every PeepSec insight for free no matter where you might be in the world.

If you’d like to do so, you can get immediate access to every talk from PeepSec 2019 by registering here now.