September's Monthly Meeting:
Our September Chapter meeting will be held on Thursday, September 27, 2018 from 6 PM until 8 PM at Chesterfield Career & Technical Center @ Hull located at 13900 Hull Street Rd, Midlothian, VA 23112 (map), Room A256.>. Click here to register and RSVP for the meeting.
- Presentation - The Human Factor in Managing Risk, presented by David Brown
- Chapter/Committee Business - Bylaw Review and Election Discussion
This month's speaker will be our own chapter secretary, David Brown, who will speak about human factors in managing risk within Information Security.
In the world of information security there are three primary tools used to manage risk: technology, policy, and people. Of the three, humans present the greatest challenge which can either be a risk or an opportunity/advantage. Sociologists have studied human behavior and motivations for decades, but relatively little has been written to specifically address influences on human behavior in the realm of information security. Using modern sociological testing we can identify various security cultures and thereby understand why people act the way they do in given circumstances. With this understanding we can change the culture of our organizations to effectively social-engineer our people to act in ways that promote better security risk management. This takes security training to a new level by putting the responsibility for how our end-users act on management (who create the culture) rather than the end user. What end users need is not more information (traditional security training), nor do they need more penalties for non-compliance (motivation by fear). They need to work in a culture that rewards good security actions and motivates them to be vigilant in protecting themselves and their organization.
Zoom Meeting Option:
Unable to attend in person? Register to attend remotely via Zoom:
After registering, you will receive a confirmation email containing information about joining the meeting.