Sarah Aalborg on Secure by Choice

Sarah Aalborg on Secure by Choice

What do people have to do with cybersecurity? A lot. As with other fields of human risk, it’s people that are typically the root cause of problems in the cybersecurity world. Which is where my guest’s expertise in behavioural design comes into play.

On this episode, I’m speaking with Sarah Aalborg, a cybersecurity and behavioural design expert who’s on a mission to change how organisations approach IT security.

Rather than focusing on firewalls and tech solutions, Sarah examines the human behaviours that can undermine even the best-designed security systems.

Her new book, Secure by Choice, challenges conventional security thinking by exploring how cognitive biases affect security professionals and how to use behavioural design to reshape security culture.

We discuss the pitfalls of traditional security training – particularly those phishing tests that feel more like traps than training – and how to flip the script by focusing on what we want people to do rather than what we want them to avoid.

Sarah shares practical strategies for using positive reinforcement, creating engaging training experiences, and making security less about fear and more about action.

By applying principles of behavioural science and risk-based thinking, Sarah explains how we can bridge the gap between security policies and everyday human behaviour.

Guest Biography
Sarah Aalborg is a cybersecurity expert and behavioural design advocate, focusing on how cognitive biases impact IT security professionals and their decision-making processes.

She is the author of Secure by Choice, a book that challenges conventional approaches to cybersecurity training by applying principles of behavioural science to security culture.

With a background in IT security spanning over two decades, Sarah speaks at major security events and consults with organisations on how to create more effective, engaging, and human-centric security programs.

AI-Generated Timestamped Summary
[00:00:00] Introduction

[00:01:00] Meet Sarah Aalborg – Why she wrote Secure by Choice and her journey into behavioural design.

[00:03:00] The '20-centimetre above the keyboard' exercise – How human inaction impacts tech security.

[00:05:00] Why phishing tests feel like entrapment – and how to flip the script.

[00:08:00] Turning phishing tests into positive reinforcement opportunities.

[00:10:00] How a simple 'Report Suspicious Email' button can change behaviours.

[00:12:00] The problem with fear-based messaging in cybersecurity.

[00:14:00] Why telling people what NOT to do isn’t effective.

[00:15:00] Sarah’s four-step framework for creating risk-aware security cultures.

[00:17:00] Why most security training is designed to address the wrong problem.

[00:20:00] The McDonald's kiosk example – What we can learn from other industries.

[00:25:00] The importance of actionable examples in security training.

[00:30:00] The generative AI paradox – When tech meets human bias.

[00:35:00] Why AI is the ultimate behavioural science challenge.

[00:40:00] The 'Operating System' analogy – Why the human brain is still running Stone Age software.

[00:50:00] Why cyber professionals need to look outside their own industry for inspiration.

[00:55:00] The role of curiosity and exploration in designing effective security programs.

Links:Sarah’s website: https://securebychoice.com/
Sarah on LinkedIn: https://www.linkedin.com/in/sarah-aalborg-bb348a1/
Secure by Choice:https://securityblendbooks.com/products/secure-by-choice?

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(372)

David Grosse on The Unconvention

David Grosse on The Unconvention

What happens when two people who spend their careers thinking about human behaviour meet in a London pub and start complaining about conferences? Apparently, they decide to organise one.Episode Summar...

25 Jun 48min

Freewheeling on Human Risk with Thomas Ableman

Freewheeling on Human Risk with Thomas Ableman

Why is it so hard to stop people playing vides, music or phone calls out loud on public transport — and what does that tell us about changing human behaviour? Show Summary This episode of The Human Ri...

11 Jun 45min

Jill Wick on The Human Side of Cybersecurity

Jill Wick on The Human Side of Cybersecurity

What if the best way to improve cybersecurity — or any other form of human risk — wasn't another policy, training course, or piece of technology, but a board game?  That's the kind of question my gues...

30 Mai 1h 3min

Tobias Sturesson: from cult to corporate culture

Tobias Sturesson: from cult to corporate culture

What can businesses learn from cults?It might sound like an uncomfortable comparison: one involves strategy meetings, values statements and quarterly targets; the other manipulation, charismatic leade...

23 Mai 1h 8min

Will Tarrant on Service: Closing the gap between brand promise and reality

Will Tarrant on Service: Closing the gap between brand promise and reality

What makes great service? It’s one of those things we instantly recognise when we experience it, but struggle to define. And while organisations spend huge amounts of time trying to design seamless cu...

8 Mai 1h

Dr Carissa Véliz on Prophecy

Dr Carissa Véliz on Prophecy

What if prediction isn’t about knowing the future, but controlling it?  On this episode, I'm joined by a leading thinker on digital ethics, privacy and technology to explore the idea of prophecy.Episo...

25 Apr 1h 2min

Dr C Thi Nguyen on How to stop playing someone else's game

Dr C Thi Nguyen on How to stop playing someone else's game

We like to think we choose what matters. But what if the goals we’re chasing… aren’t actually ours?Episode Summary My guest on this episode is Dr. C. Thi Nguyen, philosopher and author of The Score: H...

12 Apr 1h 8min

Phil Dobson on Cognitive Leadership

Phil Dobson on Cognitive Leadership

We tend to assume that if we’re working hard, we’re working well. But what if that isn’t true?Episode SummaryMy guest on this episode is Phil Dobson, author of The Brain Book and founder of Brain Work...

4 Apr 1h 9min

Populært innen Vitenskap

fastlegen
tingenes-tilstand
rekommandert
liberal-halvtime
sinnsyn
jss
villmarksliv
forskningno
tomprat-med-gunnar-tjomlid
fjellsportpodden
dekodet-2
rss-kunstig-intelligens-med-elisabeth-maren-og-morten
rss-rekommandert
nevropodden
smart-forklart
rss-paradigmepodden
rss-nysgjerrige-norge
abid-nadia-skyld-og-skam
abels-tarn
rss-overskuddsliv