Gamify Awareness Training - Failure to Engage is Failure to Secure

Explore innovative approaches to cybersecurity awareness training in this conference talk from the Central Ohio InfoSec Summit 2016. Discover why traditional security training often fails to engage employees and learn how gamification can revolutionize the process. Delve into the hacker mindset, understand the difference between security knowledge and awareness, and examine why treating employees like children is counterproductive. Gain insights into effective email security practices and explore interactive games designed to teach security concepts, including USB safety, system misconfigurations, and the importance of secure screensavers. Conclude with a Q&A session and an introduction to Capture the Flag exercises to reinforce learning through hands-on experience.

Introduction
We dont prioritize security
Thinking like a hacker
Security knowledge vs security awareness
Hackers are problem solvers
Stop coddling
Emails
Changing gears
USB game
Security miss configuration game
Security screensaver game
Questions
Capture the Flag