Championing Security

A Focus on Security Champions in Las Vegas

Author

Stanley Harris
August 07, 2024

Greetings!

Welcome to the second edition of the Security Champion Newsletter, brought to you by Katilyst! We’re going to take a look at a couple of conferences taking place in Las Vegas this week, which include some great talks related to Security Champions and security culture as a whole. We’ll also share a couple highly valuable resources for folks looking for help in launching their Champion programs, and share some fun memes along the way! Of course, don’t forget to subscribe to our newsletter if you haven’t already:

BlackHat and DefCon are two of the biggest cybersecurity conferences held in the USA every year. Within the exhibition halls and conference rooms there are a variety of talks, panel discussions, and workshops that cover topics ranging from AppSec best practices to wild stories from the hacker landscape. Whether you’re managing a Security Champion program, or you’re a champion yourself, there is so much to see, hear and learn at these conferences!

Katilyst brings Champions to Vegas!

Katilyst will be present for both conferences, looking to meet with other security culture evangelists to share ideas on how we motivate better security behaviors in our workforce. In fact, our own Dustin Lehr will be taking on the role of speaker and panel guest at two BlackHat events. Last night, Dustin joined CyberNest and the CISO Society for their opening night Happy Hour to give his talk, “The Human Factor: Building a Proactive Security Culture Through Behavioral Science.” We’ve already received some positive feedback from attendees who loved Dustin’s approach to human-focused motivational design in building Champion programs!

Dustin will also be joining a panel including Tanya Janca, Head of Education and Community at Semgrep, to discuss the benefits and struggles with Security Champion programs. “The Security Champion Meetup” is being held at 10:20amPST at Mandalay Bay, Lagoon G, Level 2. If you’re attending BlackHat, we highly recommend you join this panel for some amazing insights from security culture experts who want to help make Champion programs accessible and successful for everyone!

Security Champion meme of the week!

🔦 Security Champion Resource Spotlight

In this edition of our Resource Spotlight, we’re inviting you to watch an incredibly insightful live stream webinar hosted by Wizer and featuring Dustin Lehr from Katilyst. “Forging Allies For Security Awareness” is part of Wizer’s monthly Security Awareness Plan series, and focuses on how security teams can cultivate a strong security culture in their organizations through Security Champion programs. Watch and learn some tips and tricks to launching a successful program, including the importance of incentivizing participation from champions and setting clear goals and KPIs to measure program impact. We’re certain there is something for everyone to learn in this one!

Good Security Champion content. Always.

📺️ Content Corner

This week’s Content Corner features an awesome Security Champion presentation from last month’s OWASP Global AppSec conference, featuring Bonnie Viteri from Yahoo! In this talk, Bonnie highlights the journey of Yahoo’s Security Champion program, sharing insights from their program case study. From program goal-setting, to launch, to optimization, there are some wonderful learnings to be gleaned for anyone aiming to launch a Security Champion program of their own!

📆 Upcoming Events

We hope you found some nuggets of wisdom in this edition of the Security Champion Newsletter! Stay tuned for more updates every two weeks, and if you know of anyone who may be interested in learning more about building successful security culture programs, please share our newsletter with them. Until next time! 👋