CISO Workshops

Human Behavior and Security Culture – America


July 20, 2011 • Hanover, NH • USA

Human Behavior and Security Culture - America Photo

Baker Tower, Dartmouth College

Corporations and governments alike are faced with staggering risks from members of their own organization. Whether willful or inadvertent, human-induced leaks fueled by mass distribution through organizations like WikiLeaks can create breath-taking exposure. While the risks are not new, the targeted threats towards individuals are increasing with ever-more sophisticated deceptions. Likewise, the consumerization of technology has added new challenges in controlling leaks from malicious insiders. Once leaked, information can be globally distributed through highly visible activists, monetized through criminal syndicates, or leveraged by unethical competitors. In this workshop, CISOs/directors of information security discussed how companies are managing the human element of security. Using a moderated roundtable, panel discussions, and structured breakouts, we:

  • Discussed the risks associated with the consumerization of technology and the prominence of social media.
  • Explored the human issues in information risk.
  • Examined how behavioral science can be used to reduce risk.
  • Shared experiences with employee education.
  • Discussed the role of incentives in improving security hygiene.
  • Looked for opportunities to reduce risk through public/private dialog and partnership.
  • Considered the challenges of mitigating behavior risks from the workforce of outsourced vendors and partners.
  • Anticipated if/how behaviors need to change when using cloud services.
  • Discussed the impact of Gen Y in the workplace.
  • Discussed the impact of role-based security on behaviors and risk.

Workshop Executive Advisory Council:

  •  Eric Cowperthwaite, System Director, Enterprise Risk Management Services & CISO, Providence Health & Service
  •  Ann Halford, VP of World Wide Security, Staples
  •  John Stewart, VP, Chief Security Officer, Cisco Systems Inc.
  •  Phil Venables, Managing Director, Chief Information Risk Officer, Goldman Sachs

We welcomed executives from the following companies to the workshop:


  Bechtel  Coca-Cola Cigna   Colgate Palmolive              eBay     General Dynamics       Goldman Sachs       LL Bean    MITRE
Providence Health & Services Praxair  Staples
     Stream Global Services        Time Inc      US Department of Homeland Security  United Technologies


In sponsorship with DHS  and the I3P.
      I3P Institute for Information Infrastructure Protection


John Stewart, VP and Chief Security Officer, Cisco Systems

Hear John discuss why workshops like this are vital to Info Executives.

  • dinner.jpg

    "Interview with the Editor" during dinner. Professor Eric Johnson asks Bill Brenner, Senior Editor of CSO/CIO Magazines, about his security predictions and current considerations. Hot topics to watch include security in the cloud and mobile finance.

  • 002.jpg

    Bill Brenner's slide.

  • cisoooo.jpg

    The full room considers findings from the recent CISO Workshop survey in Europe.

  • cissssssssssso.jpg

    Roberta Stempfley of the U.S. Department of Homeland Security turns to hear John Stewart, the VP and CSO of Cisco Systems, respond to a question on privacy. Between them are Phil Venables, the Managing Director and CIRO of Goldman Sachs and Prof Eric Johnson.

  • bobbby.jpg

    Bobbie Stempfley, Acting Assistant Secretary, Cybersecurity and Communiations, U.S. Department of Homeland Security

  • cisoTIme.jpg

    Robert Duran, Information Security and Privacy Officer/VP of Information Risk Management at Time Inc., listens in the foreground. Dave Cullinane, CISO and VP at eBay, sits at his left. Debra Cody, Karen Carman, Charles Burns and Shari Lawrence Pflegger sit in the background.

  • outside2.jpg

    Hans leads a breakout session in the summer heat.

  • ciso_viral.jpg

    John discusses how surprising it can be to see what goes viral and resonates with the workplace culture.

  • ciso_viral1.jpg

    Justin Albrechten, Senior Applied Psychologist at Mitre Corp and Juhee Kwon, CDS Research Fellow.

  • ciso_viral2.jpg

    Dave Cullinane, CISO and VP at eBay, responds to a question concerning customer security.


Trending Digital Business Topics