Surfing the Motivation Wave to Create Security Behavior Change

Explore the concept of employee motivation in cybersecurity through this 30-minute conference talk from BSidesSF 2019. Delve into the limitations of traditional security awareness programs and discover a new approach that considers motivation as a crucial factor in driving security behavior change. Learn how to leverage both predictable and unpredictable security events to inspire employee action, and gain insights on measuring and creating meaningful metrics for security behaviors. Understand the Fogg Model, explore high points of motivation, and uncover the power of habit in shaping security practices. Discover effective strategies for generating motivation, including social proof and the balance between reward and punishment. Gain valuable knowledge on creating positive engagements and implementing a holistic approach to security behavior change in the workforce.

Introduction
Mashas Background
The employee is the weakest link
Employees can be your first line of defense
Lastpass survey
What is it
Behavioral Science
Security Behavior Change Components
The Fogg Model
Security Behaviors
How Motivation Occurs
High Points of Motivation
The Power of Habit
How to Generate Motivation
Social Proof
Reward vs Punishment
The Secret Magic Ratio
Creating Positive Engagements
Wrapping Up
Questions