Security Awareness Training: One CISO’s Journey From Doubter to Believer
As a former Fortune 500 CISO (and current Security Advisor to Wombat), Alan Levine has an extensive and impressive resume. He has global experience in infosec strategy and management; data privacy, IT compliance, and corporate regulatory compliance; and all aspects of cybersecurity within large, multinational organizations. He is also an experienced lecturer and educator; a founding member of the Microsoft Security Council and Oracle’s GRC Council; and current board chair and founding board member of Carnegie Mellon University’s Chief Information Security Officer’s Executive Program.
But there’s one previously held position that you won’t find on his resume: security awareness training skeptic.
As Levine told TechTarget in March 2018, “I believed that cyber awareness training was useless because I believed my users were probably untrainable. What I learned was that it was a pivotal and critical part of my cyber defense strategy.”
One CISO’s Journey to Cyber Awareness
Levine shares his journey from doubter to believer in the webinar replay accessible below. In it, he discusses the nation-state attack that led him to reexamine end users’ roles in cybersecurity and the value of incorporating cybersecurity awareness training into defense-in-depth strategies.
Listen today to learn more about what Levine calls his “incredible turning event” and the factors that prompted him to realize that his budget needed to be allocated to both technical safeguards — the “first line of defense” — and cybersecurity education for end users, the “last line of defense.”