Their Story Chats At RSA Conference San Francisco 2019 | Colin Bastable, CEO Of Lucy Security

This is promotional content. Learn more.


A Their Story interview with John Dasher

Only 3% of security attacks leverage technical weakness, while the remaining 97% are driven by exploiting people. Lucy Security enables organizations to take on the role of an attacker and uncover existing gaps in both technical infrastructure and staff knowledge and eliminate them through a comprehensive e-learning program. Employee responses to daily hazards like phishing are both monitored, as well as taught so that employees more accurately recognize threats and respond appropriately.

On the front end, we’ll discuss how the bad guys plan and set up infrastructure to carry out their attacks.

On the back end, we see that around 20% of employees will, unfortunately, click on an email-borne phishing attack. Through proper awareness training, this can often reduce this to less than 5%. Interestingly, while training, employees can help “crowdsource” needed data to help steer the updating of other pieces of the organizational security stack.

To help employees be more security-minded, Colin discusses how transparency with employee behavior and their progress is vital. Regulation and compliance are top of mind in this conversation — GDPR and California’s new 2018 California Privacy Act for example — and how one must think regarding protecting the kind of data a security LMS might acquire.

Learn more about Lucy Security here