Punishment in Cyber Security
In this virtual workshop, we will be discussing the implications of punishment for managing cyber security behaviour and the findings from our Simulated Phishing and Employee Cyber security behaviour (SPEC) project.
Oz Alashe MBE, CEO & Founder of CybSafe
Naming and Shaming. Taking away IT assets. Forcing training if they clicked. Lots of companies are doing it, but should they?
We know that most unintentional insider threats are just that. Unintentional. They are due to human error and behaviour, but should you be punishing your staff? What is the impact on staff productivity and wellbeing?
In this virtual workshop, we will be discussing the findings from our Simulated Phishing and Employee Cyber security behaviour (SPEC) project funded by the Centre for Research and Evidence on Security Threats (CREST). You will hear about what this means for your organisational policies and our panel of industry experts will be chatting about their experiences of punishment and its impact on cyber security.
About our guests
Head of Security Education at Bank of England
John Scott heads the Security Education programme for the Bank of England, delivering a series of events and communications to all staff designed to raise awareness of the issues around physical, personnel and information security, and to encourage behavioural and ultimately cultural change.
Prior to his work at the Bank, John was an IT trainer in Further and Higher Education for 20 years giving him a strongly honed sympathy for the frustrations many people feel when faced with new technology.
Global Awareness, Communication and Training, Cybersecurity at HSBC
Liz Murray joined HSBC in 2018 following a successful 21 year military career. Her previous experience of human factors and post-graduate study in Education that included examination of the impact of using coaching as a remedial means of improving poor performance underpin her passion for developing a positive cyber security culture.
Director, Cyber Security Strategy and Culture, Refinitiv
Reena is the Director of Cyber Security Strategy and Culture at Refinitiv. She is passionate about employee learning and overcoming information security challenges. Reena is also interested in and excited by building awareness and culture initiatives that have sustainable impacts.
Reena is keen to explore how human behaviour can help reveal the root causes of cyber attacks so the security community can develop more effective, meaningful and creative security solutions.
Dr Matthew Francis
Executive Director at Centre for Research and Evidence on Security Threats (CREST)
Dr Matthew Francis is executive director at the UK’s Centre for Research and Evidence on Security Threats. He oversees the commissioning, management and communication of CREST’s research projects and works with CREST’s stakeholders to maximise the value of research findings to government, industry and other non-academic sectors. He previously founded the website RadicalisationResearch.org and the quarterly magazine CREST
Opening by Oz Alashe MBE, CEO & Founder of CybSafe
Introduction to the Centre for Research and Evidence on Security Threats (CREST) by Dr Matthew Francis, Executive Director of CREST
Punishment in Cyber Security: Findings from the SPEC project by Dr. John Blythe, Head of Behavioural Science at CybSafe
Panel session – Elizabeth Murray (HSBC), John Scott (Bank of England), Reena Shah (Refinitiv), Dr. John Blythe (CybSafe), Chair: Oz Alashe