The Praxis Practice Blog
Insights on security culture, human factors in cybersecurity, and building resilient organizations.
On Measuring the Unmeasurable
Security culture is a theoretical metaphor that we can measure as others.
Meaningful Metrics: The Case for Switch Cost
Resilience in cybersecurity is about meaningful metrics, such as switch cost in cybersecurity.
The Internet is a dark room. Your brain thinks the lights are on.
How can you tell when someone is lying to you? Most of our defenses against social threats are disabled in digital environments. Worse, we don't realize.
Meaningful Baselines for Human Factors: Here's How To Do It
The most important reason for a baseline is to be able to know that what you do is the right thing to do in human risk management cybersecurity.
The Problem with Awareness Training Best Practices - and How We Can Fix It
Security awareness training best practices are not working because they provide a one size fits all approach, which is damaging to security culture.
Words Matter: Why Human Risk Management is More Than Just a Term
It is important to shift from using the term security awareness to human risk management to adapt to the growing complexity in cybersecurity.
The Emotional Reality of the Digital World
Empathy is key in cybersecurity, and we must remember that digital events have real world consequences.
The importance of multidisciplinary collaboration in cybersecurity analytics
Multidisciplinary teams allow for better insight and interpretation of data in cybersecurity.
How do you report your security culture progress to the board?
Reporting security progress to the board of directors is one of the biggest challenges security professionals face today. Here are some tips to help.
From Reactive to Proactive Strategies
Proactive approach is needed for combating social engineering.