How do you make your team care about cybersecurity?

Welcome to the new 195 cyber warriors who joined us last week. 🥳

Weekly insights from the Black Hat MEA community. Read exclusive interviews with industry experts and key findings from the #BHMEA23 keynote stage.

Want to receive our weekly newsletters on LinkedIn? Subscribe here.

📣 This week we’re focused on…

The critical power of education for cybersecurity at every level – from developing effective security infrastructure for a global corporation, to protecting newborn babies from identity theft.

The real targets of identity theft 🎯

At #BHMEA22 Frank Abagnale (Cybercrime and Fraud Prevention Expert) said:

“If I can get the identity of a newborn child coming out of the hospital, by their date of birth, their social security number, their name; I can become that child for 18 to 20 years before anyone would ever know.”

It got us thinking – most people would expect a multi-millionaire business leader to be a more coveted target for identity theft than a child or newborn baby. But when you understand that this isn’t the case, the crucial role of cybersecurity to protect citizens becomes, on an emotional level, more urgent: because you understand that educating yourself about cyber threats isn’t just for the benefit of yourself, or the organisation you work for, or your government. It’s also for the benefit of the most vulnerable people in your community.

Why is it important for the general public to understand that? 💡

Because it’ll increase people’s willingness to engage in learning about cybersecurity and what they can do to play their part.

Neurological research has found that there’s a region of the human brain, called the medial orbitofrontal cortex, that’s specifically active within a seventh of a second in response to seeing infant faces. In other words, our brains are structured to respond differently (and quickly) to babies and children. We’re designed to want to protect them.

On a socio-psychological level, studies show that we also personally benefit from helping others. Doing something to protect or increase other people’s happiness and well-being generates more internal happiness than doing something for your own benefit.

All of that to say this: even in corporate settings, it’s worth widening the narrative around the purpose of cybersecurity.

Let team members know that when they learn how to safeguard their company’s assets as effectively as they possibly can, they’re not only protecting the company. They’re also contributing to greater security for the personal data of everyone who comes into contact with the organisation. And that can help to protect people who aren’t able to protect themselves.

Read the blog post: A 3-point philosophy for cybersecurity

Motivation to stay at the forefront of cybersecurity ⏩

We interviewed upcoming #BHMEA23 speaker Matt Lemon (CISO and VP of Cybersecurity at Huawei), and he said:

“The key thing to staying relevant in cybersecurity is that there is always something new to learn. And that’s what keeps me interested.”

And the reality of that for people (working within any organisation) who aren’t profoundly interested in cybersecurity, is that they can be very quick to fall behind. Just as CISOs always have more to learn, cybersecurity training at every level of a company has to be relevant and ongoing – and teams need to be willing to update their knowledge in order to maintain a robust infrastructure.

Obviously, that requires the training itself to be available and on-point. But it also requires motivation from the people receiving the training.

How, then, can we motivate every single person to feel engaged with (and maybe even excited about) their role in the cybersecurity ecosystem? 💭

Perhaps the answer lies in making sure everyone understands that broader purpose: open up the conversation. Give teams access to information that shows them what the impact of cybersecurity can be, in a way they can really connect with.

Read our interview with Matt Lemon.

💬 Share on Twitter

Black Hat MEA is back again from 📅 14 - 16 November 2023. Interested to be a part of it? Register now.

Join the conversation online using #BHMEA23 and @Blackhatmea.