We sat down with Asaf Sagi, Head of Product Management at CybeReady, to learn about him and his thoughts ahead of his talk at this year’s DACHsec Summit.
Read on below for the full interview!
Let’s take a look at the IT security threat landscape in early 2023: what are we witnessing?
In early 2024, the IT security threat landscape is characterized by sophisticated cyberattacks, increased ransomware incidents, and growing concerns over data privacy and compliance. Threat actors are leveraging advanced techniques such as AI-driven attacks and supply chain compromises, making it challenging for organizations to defend against emerging threats effectively.
Based on your answer, what would you identify as the 3 key priorities for IT Security leaders this year?
The three priorities for security leaders should focus around people, process and technology.
Three key priorities for IT Security leaders this year are:
- Strengthening Cyber Resilience: Focus on building robust incident response capabilities and enhancing resilience against cyber threats to minimize the impact of potential breaches.
- Embracing Zero Trust Architecture: Implementing a Zero Trust approach to security to verify every user, device, and network connection attempting to access resources, thereby reducing the risk of unauthorized access and lateral movement.
- Enhancing Data Protection Measures: Prioritizing data security through encryption, access controls, and comprehensive data governance strategies to safeguard sensitive information against unauthorized access and data breaches.
As a conference’s sponsor, what are you going to be addressing in your talk this year?
In the realm of security awareness training, employee inclusivity should be a fundamental principle. Workforces consist of individuals with diverse experiences, skill sets, and learning abilities. Consequently, every training program should strive to offer an inclusive, empathetic, and valued experience for each employee. This presentation explores five critical dimensions of inclusivity and clarifies how to integrate this principle into an organization’s culture:
- Localization: Customizing security awareness training to resonate with various cultural and linguistic backgrounds, ensuring the global effectiveness of conveying security messages.
- New Employees: Adopting a non-judgmental approach toward new, untrained employees who may introduce unfamiliar habits and risks into the workforce. This involves implementing a well-planned onboarding program, followed by a bootcamp to align them with their peers.
- Multi-Level Engagement: The concept of engaging employees at different levels within an organization entail catering to various roles and seniority levels. It also involves catering to various risk groups and acknowledging diverse learning habits.
- Accessibility: Designing training that caters to individuals with disabilities and impairments to create an environment where security awareness is accessible and customized for every member of the workforce.
- Multichannel Approach: A multifaceted strategy considers diverse needs, roles, ages, and distinctions between office and non-office employees. It offers different channels and mediums to engage with security awareness content.
Compromising on inclusivity in security awareness training is not a viable option. Instead, let’s champion innovative approaches and position inclusivity at the core of the organizational cybersecurity strategy.
Key Audience Takeaways:
- Understanding Inclusivity: Participants will grasp the significance of employee inclusivity in security awareness training, recognizing it as a fundamental principle for a robust cybersecurity strategy.
- Practical Inclusion Strategies: Attendees will gain insights into five critical dimensions of inclusivity, including localization, new employee onboarding, multi-level engagement, accessibility, and a multichannel approach. They’ll learn how to implement these strategies effectively.
By the end of the session, the audience will be equipped with practical knowledge and strategies to make their security awareness training programs more inclusive and effective, ultimately enhancing their organization’s cybersecurity posture.
What can people expect from DACHsec?
Attendees can expect DACHsec to provide a platform for cybersecurity professionals to network, share insights, and stay updated on the latest trends and best practices in the field. The event will feature keynote presentations, panel discussions, and interactive sessions led by industry experts, offering valuable knowledge and actionable insights to enhance cybersecurity strategies and defenses.
Catch Asaf at DACHsec Summit on 9th – 10th April for his thought leadership talk: ‘A Holistic Approach to Personalised Training’! Join us for his session and enjoy live Q&As throughout the summit by registering for FREE online with code: CYBER-VIP at dach.cyberseries.io/register/.
