Seeing Is Believing - Making the Cyber-Hype Real with Hacking Demos

Discover how to leverage real-world hacking demonstrations to dramatically improve user engagement in cybersecurity awareness training. This 37-minute RSA Conference talk by Daniel Kern, CSO of County of Monterey, explores innovative techniques to make security training more impactful and memorable. Learn how to create compelling hacking demos that transform users from passive listeners to active participants eager to protect themselves and their organization. Gain insights into setting up a safe computing environment for demonstrations, ethical considerations when targeting individuals, and resources for developing effective training scenarios. Explore the evolution of cybersecurity awareness programs, from traditional methods to immersive "Cyber Wars" experiences, and understand how these approaches can significantly enhance your organization's human security posture.

Intro
Government is dysfunctional
Awareness attendance was a problem for us
2013: Live awareness training
2014: Hacking demos!
2015: Cyber Wars
2017: Your password is really important...
Impact on our organization
We become the bad guys
We target a person within the organization
Not just a hacking demo....
Show users how to socially engineer...
Computing environment for demo creation
Don't do the demo live...
If you use a real person in your example, get permission!
Resources for training
If you don't want to do it yourself...
Applying What You Have Learned Today
Questions?