Perry Carpenter of KnowBe4 argues that the traditional notion of security awareness is outdated. Instead, he emphasizes the importance of addressing Human Risk, suggesting that individuals are not the weakest link in security but a crucial layer needing support. At the RSAC Conference in San Francisco, Carpenter discusses the need to move past conventional awareness initiatives, highlighting the shortcomings of current defenses. He also examines the role of AI in shaping security threats, pointing out that understanding the psychology behind attacks is essential for effective risk management.
Security awareness is a thing of the past, and we must shift focus to Human Risk, a perspective shared by Perry Carpenter to reshape security approaches.
Carpenter argues that awareness doesn't change behavior and that humans should not be seen merely as the weakest link in security, but rather as an essential component.
AI transforms the Human Risk landscape, where every deceptive attack is essentially a narrative attack aimed at manipulating emotions and beliefs on a customized scale.
Instead of blaming humans, we should recognize that the failure of phishing attacks indicates a breakdown in multiple technical controls, revealing a need for adequate support.
Collection
[
|
...
]